Merge pull request #5141 from NginxProxyManager/develop

v2.13.6

.version

@@ -1 +1 @@
-2.13.4
+2.13.6

README.md

@@ -1,7 +1,7 @@
 <p align="center">
 	<img src="https://nginxproxymanager.com/github.png">
 	<br><br>
-	<img src="https://img.shields.io/badge/version-2.13.4-green.svg?style=for-the-badge">
+	<img src="https://img.shields.io/badge/version-2.13.6-green.svg?style=for-the-badge">
 	<a href="https://hub.docker.com/repository/docker/jc21/nginx-proxy-manager">
 		<img src="https://img.shields.io/docker/stars/jc21/nginx-proxy-manager.svg?style=for-the-badge">
 	</a>

backend/certbot/dns-plugins.json

@@ -26,8 +26,8 @@
 	"azure": {
 		"name": "Azure",
 		"package_name": "certbot-dns-azure",
-		"version": "~=1.2.0",
-		"dependencies": "",
+		"version": "~=2.6.1",
+		"dependencies": "azure-mgmt-dns==8.2.0",
 		"credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2",
 		"full_plugin_name": "dns-azure"
 	},
@@ -255,6 +255,14 @@
 		"credentials": "dns_gcore_apitoken = 0123456789abcdef0123456789abcdef01234567",
 		"full_plugin_name": "dns-gcore"
 	},
+	"glesys": {
+		"name": "Glesys",
+		"package_name": "certbot-dns-glesys",
+		"version": "~=2.1.0",
+		"dependencies": "",
+		"credentials": "dns_glesys_user = CL00000\ndns_glesys_password = apikeyvalue",
+		"full_plugin_name": "dns-glesys"
+	},
 	"godaddy": {
 		"name": "GoDaddy",
 		"package_name": "certbot-dns-godaddy",
@@ -287,6 +295,14 @@
 		"credentials": "dns_he_user = Me\ndns_he_pass = my HE password",
 		"full_plugin_name": "dns-he"
 	},
+	"he-ddns": {
+		"name": "Hurricane Electric - DDNS",
+		"package_name": "certbot-dns-he-ddns",
+		"version": "~=0.1.0",
+		"dependencies": "",
+		"credentials": "dns_he_ddns_password = verysecurepassword",
+		"full_plugin_name": "dns-he-ddns"
+	},
 	"hetzner": {
 		"name": "Hetzner",
 		"package_name": "certbot-dns-hetzner",
@@ -367,6 +383,14 @@
 		"credentials": "dns_joker_username = <Dynamic DNS Authentication Username>\ndns_joker_password = <Dynamic DNS Authentication Password>\ndns_joker_domain = <Dynamic DNS Domain>",
 		"full_plugin_name": "dns-joker"
 	},
+	"kas": {
+        "name": "All-Inkl",
+        "package_name": "certbot-dns-kas",
+        "version": "~=0.1.1",
+        "dependencies": "kasserver",
+        "credentials": "dns_kas_user = your_kas_user\ndns_kas_password = your_kas_password",
+        "full_plugin_name": "dns-kas"
+    },
 	"leaseweb": {
 		"name": "LeaseWeb",
 		"package_name": "certbot-dns-leaseweb",
@@ -482,7 +506,7 @@
 	"porkbun": {
 		"name": "Porkbun",
 		"package_name": "certbot-dns-porkbun",
-		"version": "~=0.9",
+		"version": "~=0.11.0",
 		"dependencies": "",
 		"credentials": "dns_porkbun_key=your-porkbun-api-key\ndns_porkbun_secret=your-porkbun-api-secret",
 		"full_plugin_name": "dns-porkbun"
@@ -527,6 +551,14 @@
 		"credentials": "[default]\naws_access_key_id=AKIAIOSFODNN7EXAMPLE\naws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
 		"full_plugin_name": "dns-route53"
 	},
+	"simply": {
+		"name": "Simply",
+		"package_name": "certbot-dns-simply",
+		"version": "~=0.1.2",
+		"dependencies": "",
+		"credentials": "dns_simply_account_name = UExxxxxx\ndns_simply_api_key = DsHJdsjh2812872sahj",
+		"full_plugin_name": "dns-simply"
+	},
 	"spaceship": {
 		"name": "Spaceship",
 		"package_name": "certbot-dns-spaceship",

backend/internal/2fa.js

@@ -0,0 +1,288 @@
+import crypto from "node:crypto";
+import bcrypt from "bcrypt";
+import { authenticator } from "otplib";
+import errs from "../lib/error.js";
+import authModel from "../models/auth.js";
+import internalUser from "./user.js";
+
+const APP_NAME = "Nginx Proxy Manager";
+const BACKUP_CODE_COUNT = 8;
+
+/**
+ * Generate backup codes
+ * @returns {Promise<{plain: string[], hashed: string[]}>}
+ */
+const generateBackupCodes = async () => {
+	const plain = [];
+	const hashed = [];
+
+	for (let i = 0; i < BACKUP_CODE_COUNT; i++) {
+		const code = crypto.randomBytes(4).toString("hex").toUpperCase();
+		plain.push(code);
+		const hash = await bcrypt.hash(code, 10);
+		hashed.push(hash);
+	}
+
+	return { plain, hashed };
+};
+
+const internal2fa = {
+
+	/**
+	 * Check if user has 2FA enabled
+	 * @param {number} userId
+	 * @returns {Promise<boolean>}
+	 */
+	isEnabled: async (userId) => {
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+		return auth?.meta?.totp_enabled === true;
+	},
+
+	/**
+	 * Get 2FA status for user
+	 * @param   {Access}  access
+	 * @param   {number}  userId
+	 * @returns {Promise<{enabled: boolean, backup_codes_remaining: number}>}
+	 */
+	getStatus: async (access, userId) => {
+		await access.can("users:password", userId);
+		await internalUser.get(access, { id: userId });
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+		const enabled = auth?.meta?.totp_enabled === true;
+		let backup_codes_remaining = 0;
+
+		if (enabled) {
+			const backupCodes = auth.meta.backup_codes || [];
+			backup_codes_remaining = backupCodes.length;
+		}
+
+		return {
+			enabled,
+			backup_codes_remaining,
+		};
+	},
+
+	/**
+	 * Start 2FA setup - store pending secret
+	 *
+	 * @param   {Access}  access
+	 * @param   {number} userId
+	 * @returns {Promise<{secret: string, otpauth_url: string}>}
+	 */
+	startSetup: async (access, userId) => {
+		await access.can("users:password", userId);
+		const user = await internalUser.get(access, { id: userId });
+		const secret = authenticator.generateSecret();
+		const otpauth_url = authenticator.keyuri(user.email, APP_NAME, secret);
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+
+		// ensure user isn't already setup for 2fa
+		const enabled = auth?.meta?.totp_enabled === true;
+		if (enabled) {
+			throw new errs.ValidationError("2FA is already enabled");
+		}
+
+		const meta = auth.meta || {};
+		meta.totp_pending_secret = secret;
+
+		await authModel.query()
+			.where("id", auth.id)
+			.andWhere("user_id", userId)
+			.andWhere("type", "password")
+			.patch({ meta });
+
+		return { secret, otpauth_url };
+	},
+
+	/**
+	 * Enable 2FA after verifying code
+	 *
+	 * @param   {Access}  access
+	 * @param   {number}  userId
+	 * @param   {string}  code
+	 * @returns {Promise<{backup_codes: string[]}>}
+	 */
+	enable: async (access, userId, code) => {
+		await access.can("users:password", userId);
+		await internalUser.get(access, { id: userId });
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+		const secret = auth?.meta?.totp_pending_secret || false;
+
+		if (!secret) {
+			throw new errs.ValidationError("No pending 2FA setup found");
+		}
+
+		const valid = authenticator.verify({ token: code, secret });
+		if (!valid) {
+			throw new errs.ValidationError("Invalid verification code");
+		}
+
+		const { plain, hashed } = await generateBackupCodes();
+
+		const meta = {
+			...auth.meta,
+			totp_secret: secret,
+			totp_enabled: true,
+			totp_enabled_at: new Date().toISOString(),
+			backup_codes: hashed,
+		};
+		delete meta.totp_pending_secret;
+
+		await authModel
+			.query()
+			.where("id", auth.id)
+			.andWhere("user_id", userId)
+			.andWhere("type", "password")
+			.patch({ meta });
+
+		return { backup_codes: plain };
+	},
+
+	/**
+	 * Disable 2FA
+	 *
+	 * @param   {Access}  access
+	 * @param   {number} userId
+	 * @param   {string} code
+	 * @returns {Promise<void>}
+	 */
+	disable: async (access, userId, code) => {
+		await access.can("users:password", userId);
+		await internalUser.get(access, { id: userId });
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+
+		const enabled = auth?.meta?.totp_enabled === true;
+		if (!enabled) {
+			throw new errs.ValidationError("2FA is not enabled");
+		}
+
+		const valid = authenticator.verify({
+			token: code,
+			secret: auth.meta.totp_secret,
+		});
+
+		if (!valid) {
+			throw new errs.AuthError("Invalid verification code");
+		}
+
+		const meta = { ...auth.meta };
+		delete meta.totp_secret;
+		delete meta.totp_enabled;
+		delete meta.totp_enabled_at;
+		delete meta.backup_codes;
+
+		await authModel
+			.query()
+			.where("id", auth.id)
+			.andWhere("user_id", userId)
+			.andWhere("type", "password")
+			.patch({ meta });
+	},
+
+	/**
+	 * Verify 2FA code for login
+	 *
+	 * @param   {number} userId
+	 * @param   {string} token
+	 * @returns {Promise<boolean>}
+	 */
+	verifyForLogin: async (userId, token) => {
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+		const secret = auth?.meta?.totp_secret || false;
+
+		if (!secret) {
+			return false;
+		}
+
+		// Try TOTP code first
+		const valid = authenticator.verify({
+			token,
+			secret,
+		});
+
+		if (valid) {
+			return true;
+		}
+
+		// Try backup codes
+		const backupCodes = auth?.meta?.backup_codes || [];
+		for (let i = 0; i < backupCodes.length; i++) {
+			const match = await bcrypt.compare(code.toUpperCase(), backupCodes[i]);
+			if (match) {
+				// Remove used backup code
+				const updatedCodes = [...backupCodes];
+				updatedCodes.splice(i, 1);
+				const meta = { ...auth.meta, backup_codes: updatedCodes };
+				await authModel
+					.query()
+					.where("id", auth.id)
+					.andWhere("user_id", userId)
+					.andWhere("type", "password")
+					.patch({ meta });
+				return true;
+			}
+		}
+
+		return false;
+	},
+
+	/**
+	 * Regenerate backup codes
+	 *
+	 * @param   {Access}  access
+	 * @param   {number}  userId
+	 * @param   {string}  token
+	 * @returns {Promise<{backup_codes: string[]}>}
+	 */
+	regenerateBackupCodes: async (access, userId, token) => {
+		await access.can("users:password", userId);
+		await internalUser.get(access, { id: userId });
+		const auth = await internal2fa.getUserPasswordAuth(userId);
+		const enabled = auth?.meta?.totp_enabled === true;
+		const secret = auth?.meta?.totp_secret || false;
+
+		if (!enabled) {
+			throw new errs.ValidationError("2FA is not enabled");
+		}
+		if (!secret) {
+			throw new errs.ValidationError("No 2FA secret found");
+		}
+
+		const valid = authenticator.verify({
+			token,
+			secret,
+		});
+
+		if (!valid) {
+			throw new errs.ValidationError("Invalid verification code");
+		}
+
+		const { plain, hashed } = await generateBackupCodes();
+
+		const meta = { ...auth.meta, backup_codes: hashed };
+		await authModel
+			.query()
+			.where("id", auth.id)
+			.andWhere("user_id", userId)
+			.andWhere("type", "password")
+			.patch({ meta });
+
+		return { backup_codes: plain };
+	},
+
+	getUserPasswordAuth: async (userId) => {
+		const auth = await authModel
+			.query()
+			.where("user_id", userId)
+			.andWhere("type", "password")
+			.first();
+
+		if (!auth) {
+			throw new errs.ItemNotFoundError("Auth not found");
+		}
+
+		return auth;
+	},
+};
+
+export default internal2fa;

backend/internal/certificate.js

@@ -798,6 +798,11 @@ const internalCertificate = {
 			certificate.domain_names.join(","),
 		];
 
+		// Add key-type parameter if specified
+		if (certificate.meta?.key_type) {
+			args.push("--key-type", certificate.meta.key_type);
+		}
+
 		const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id);
 		args.push(...adds.args);
 
@@ -858,6 +863,11 @@ const internalCertificate = {
 			);
 		}
 
+		// Add key-type parameter if specified
+		if (certificate.meta?.key_type) {
+			args.push("--key-type", certificate.meta.key_type);
+		}
+
 		const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
 		args.push(...adds.args);
 
@@ -938,6 +948,11 @@ const internalCertificate = {
 			"--disable-hook-validation",
 		];
 
+		// Add key-type parameter if specified
+		if (certificate.meta?.key_type) {
+			args.push("--key-type", certificate.meta.key_type);
+		}
+
 		const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
 		args.push(...adds.args);
 
@@ -979,6 +994,11 @@ const internalCertificate = {
 			"--no-random-sleep-on-renew",
 		];
 
+		// Add key-type parameter if specified
+		if (certificate.meta?.key_type) {
+			args.push("--key-type", certificate.meta.key_type);
+		}
+
 		const adds = internalCertificate.getAdditionalCertbotArgs(certificate.id, certificate.meta.dns_provider);
 		args.push(...adds.args);
 

backend/internal/remote-version.js

@@ -0,0 +1,84 @@
+import https from "node:https";
+import { ProxyAgent } from "proxy-agent";
+import { debug, remoteVersion as logger } from "../logger.js";
+import pjson from "../package.json" with { type: "json" };
+
+const VERSION_URL = "https://api.github.com/repos/NginxProxyManager/nginx-proxy-manager/releases/latest";
+
+const internalRemoteVersion = {
+	cache_timeout: 1000 * 60 * 15, // 15 minutes
+	last_result: null,
+	last_fetch_time: null,
+
+	/**
+	 * Fetch the latest version info, using a cached result if within the cache timeout period.
+	 * @return {Promise<{current: string, latest: string, update_available: boolean}>} Version info
+	 */
+	get: async () => {
+		if (
+			!internalRemoteVersion.last_result ||
+			!internalRemoteVersion.last_fetch_time ||
+			Date.now() - internalRemoteVersion.last_fetch_time > internalRemoteVersion.cache_timeout
+		) {
+			const raw = await internalRemoteVersion.fetchUrl(VERSION_URL);
+			const data = JSON.parse(raw);
+			internalRemoteVersion.last_result = data;
+			internalRemoteVersion.last_fetch_time = Date.now();
+		} else {
+			debug(logger, "Using cached remote version result");
+		}
+
+		const latestVersion = internalRemoteVersion.last_result.tag_name;
+		const version = pjson.version.split("-").shift().split(".");
+		const currentVersion = `v${version[0]}.${version[1]}.${version[2]}`;
+		return {
+			current: currentVersion,
+			latest: latestVersion,
+			update_available: internalRemoteVersion.compareVersions(currentVersion, latestVersion),
+		};
+	},
+
+	fetchUrl: (url) => {
+		const agent = new ProxyAgent();
+		const headers = {
+			"User-Agent": `NginxProxyManager v${pjson.version}`,
+		};
+
+		return new Promise((resolve, reject) => {
+			logger.info(`Fetching ${url}`);
+			return https
+				.get(url, { agent, headers }, (res) => {
+					res.setEncoding("utf8");
+					let raw_data = "";
+					res.on("data", (chunk) => {
+						raw_data += chunk;
+					});
+					res.on("end", () => {
+						resolve(raw_data);
+					});
+				})
+				.on("error", (err) => {
+					reject(err);
+				});
+		});
+	},
+
+	compareVersions: (current, latest) => {
+		const cleanCurrent = current.replace(/^v/, "");
+		const cleanLatest = latest.replace(/^v/, "");
+
+		const currentParts = cleanCurrent.split(".").map(Number);
+		const latestParts = cleanLatest.split(".").map(Number);
+
+		for (let i = 0; i < Math.max(currentParts.length, latestParts.length); i++) {
+			const curr = currentParts[i] || 0;
+			const lat = latestParts[i] || 0;
+
+			if (lat > curr) return true;
+			if (lat < curr) return false;
+		}
+		return false;
+	},
+};
+
+export default internalRemoteVersion;

backend/internal/report.js

@@ -15,10 +15,10 @@ const internalReport = {
 				const userId = access.token.getUserId(1);
 
 				const promises = [
-					internalProxyHost.getCount(userId, access_data.visibility),
-					internalRedirectionHost.getCount(userId, access_data.visibility),
-					internalStream.getCount(userId, access_data.visibility),
-					internalDeadHost.getCount(userId, access_data.visibility),
+					internalProxyHost.getCount(userId, access_data.permission_visibility),
+					internalRedirectionHost.getCount(userId, access_data.permission_visibility),
+					internalStream.getCount(userId, access_data.permission_visibility),
+					internalDeadHost.getCount(userId, access_data.permission_visibility),
 				];
 
 				return Promise.all(promises);

backend/internal/token.js

@@ -4,9 +4,12 @@ import { parseDatePeriod } from "../lib/helpers.js";
 import authModel from "../models/auth.js";
 import TokenModel from "../models/token.js";
 import userModel from "../models/user.js";
+import twoFactor from "./2fa.js";
 
 const ERROR_MESSAGE_INVALID_AUTH = "Invalid email or password";
 const ERROR_MESSAGE_INVALID_AUTH_I18N = "error.invalid-auth";
+const ERROR_MESSAGE_INVALID_2FA = "Invalid verification code";
+const ERROR_MESSAGE_INVALID_2FA_I18N = "error.invalid-2fa";
 
 export default {
 	/**
@@ -59,6 +62,25 @@ export default {
 			throw new errs.AuthError(`Invalid scope: ${data.scope}`);
 		}
 
+		// Check if 2FA is enabled
+		const has2FA = await twoFactor.isEnabled(user.id);
+		if (has2FA) {
+			// Return challenge token instead of full token
+			const challengeToken = await Token.create({
+				iss: issuer || "api",
+				attrs: {
+					id: user.id,
+				},
+				scope: ["2fa-challenge"],
+				expiresIn: "5m",
+			});
+
+			return {
+				requires_2fa: true,
+				challenge_token: challengeToken.token,
+			};
+		}
+
 		// Create a moment of the expiry expression
 		const expiry = parseDatePeriod(data.expiry);
 		if (expiry === null) {
@@ -129,6 +151,65 @@ export default {
 		throw new error.AssertionFailedError("Existing token contained invalid user data");
 	},
 
+	/**
+	 * Verify 2FA code and return full token
+	 * @param {string} challengeToken
+	 * @param {string} code
+	 * @param {string} [expiry]
+	 * @returns {Promise}
+	 */
+	verify2FA: async (challengeToken, code, expiry) => {
+		const Token = TokenModel();
+		const tokenExpiry = expiry || "1d";
+
+		// Verify challenge token
+		let tokenData;
+		try {
+			tokenData = await Token.load(challengeToken);
+		} catch {
+			throw new errs.AuthError("Invalid or expired challenge token");
+		}
+
+		// Check scope
+		if (!tokenData.scope || tokenData.scope[0] !== "2fa-challenge") {
+			throw new errs.AuthError("Invalid challenge token");
+		}
+
+		const userId = tokenData.attrs?.id;
+		if (!userId) {
+			throw new errs.AuthError("Invalid challenge token");
+		}
+
+		// Verify 2FA code
+		const valid = await twoFactor.verifyForLogin(userId, code);
+		if (!valid) {
+			throw new errs.AuthError(
+				ERROR_MESSAGE_INVALID_2FA,
+				ERROR_MESSAGE_INVALID_2FA_I18N,
+			);
+		}
+
+		// Create full token
+		const expiryDate = parseDatePeriod(tokenExpiry);
+		if (expiryDate === null) {
+			throw new errs.AuthError(`Invalid expiry time: ${tokenExpiry}`);
+		}
+
+		const signed = await Token.create({
+			iss: "api",
+			attrs: {
+				id: userId,
+			},
+			scope: ["user"],
+			expiresIn: tokenExpiry,
+		});
+
+		return {
+			token: signed.token,
+			expires: expiryDate.toISOString(),
+		};
+	},
+
 	/**
 	 * @param   {Object} user
 	 * @returns {Promise}

backend/logger.js

@@ -15,6 +15,7 @@ const certbot = new signale.Signale({ scope: "Certbot  ", ...opts });
 const importer = new signale.Signale({ scope: "Importer ", ...opts });
 const setup = new signale.Signale({ scope: "Setup    ", ...opts });
 const ipRanges = new signale.Signale({ scope: "IP Ranges", ...opts });
+const remoteVersion = new signale.Signale({ scope: "Remote Version", ...opts });
 
 const debug = (logger, ...args) => {
 	if (isDebugMode()) {
@@ -22,4 +23,4 @@ const debug = (logger, ...args) => {
 	}
 };
 
-export { debug, global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges };
+export { debug, global, migrate, express, access, nginx, ssl, certbot, importer, setup, ipRanges, remoteVersion };

backend/package.json

@@ -19,7 +19,7 @@
 		"bcrypt": "^5.0.0",
 		"body-parser": "^1.20.3",
 		"compression": "^1.7.4",
-		"express": "^4.20.0",
+		"express": "^4.22.0",
 		"express-fileupload": "^1.5.2",
 		"gravatar": "^1.8.2",
 		"jsonwebtoken": "^9.0.2",
@@ -30,6 +30,7 @@
 		"mysql2": "^3.15.3",
 		"node-rsa": "^1.1.1",
 		"objection": "3.0.1",
+		"otplib": "^12.0.1",
 		"path": "^0.12.7",
 		"pg": "^8.16.3",
 		"proxy-agent": "^6.5.0",

backend/routes/main.js

@@ -14,6 +14,7 @@ import schemaRoutes from "./schema.js";
 import settingsRoutes from "./settings.js";
 import tokensRoutes from "./tokens.js";
 import usersRoutes from "./users.js";
+import versionRoutes from "./version.js";
 
 const router = express.Router({
 	caseSensitive: true,
@@ -46,6 +47,7 @@ router.use("/users", usersRoutes);
 router.use("/audit-log", auditLogRoutes);
 router.use("/reports", reportsRoutes);
 router.use("/settings", settingsRoutes);
+router.use("/version", versionRoutes);
 router.use("/nginx/proxy-hosts", proxyHostsRoutes);
 router.use("/nginx/redirection-hosts", redirectionHostsRoutes);
 router.use("/nginx/dead-hosts", deadHostsRoutes);

backend/routes/tokens.js

@@ -53,4 +53,26 @@ router
 		}
 	});
 
+router
+	.route("/2fa")
+	.options((_, res) => {
+		res.sendStatus(204);
+	})
+
+	/**
+	 * POST /tokens/2fa
+	 *
+	 * Verify 2FA code and get full token
+	 */
+	.post(async (req, res, next) => {
+		try {
+			const { challenge_token, code } = await apiValidator(getValidationSchema("/tokens/2fa", "post"), req.body);
+			const result = await internalToken.verify2FA(challenge_token, code);
+			res.status(200).send(result);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	});
+
 export default router;

backend/routes/users.js

@@ -1,4 +1,5 @@
 import express from "express";
+import internal2FA from "../internal/2fa.js";
 import internalUser from "../internal/user.js";
 import Access from "../lib/access.js";
 import { isCI } from "../lib/config.js";
@@ -325,4 +326,130 @@ router
 		}
 	});
 
+/**
+ * User 2FA status
+ *
+ * /api/users/123/2fa
+ */
+router
+	.route("/:user_id/2fa")
+	.options((_, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+	.all(userIdFromMe)
+
+	/**
+	 * POST /api/users/123/2fa
+	 *
+	 * Start 2FA setup, returns QR code URL
+	 */
+	.post(async (req, res, next) => {
+		try {
+			const result = await internal2FA.startSetup(res.locals.access, req.params.user_id);
+			res.status(200).send(result);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	})
+
+	/**
+	 * GET /api/users/123/2fa
+	 *
+	 * Get 2FA status for a user
+	 */
+	.get(async (req, res, next) => {
+		try {
+			const status = await internal2FA.getStatus(res.locals.access, req.params.user_id);
+			res.status(200).send(status);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	})
+
+	/**
+	 * DELETE /api/users/123/2fa?code=XXXXXX
+	 *
+	 * Disable 2FA for a user
+	 */
+	.delete(async (req, res, next) => {
+		try {
+			const code = typeof req.query.code === "string" ? req.query.code : null;
+			if (!code) {
+				throw new errs.ValidationError("Missing required parameter: code");
+			}
+			await internal2FA.disable(res.locals.access, req.params.user_id, code);
+			res.status(200).send(true);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	});
+
+/**
+ * User 2FA enable
+ *
+ * /api/users/123/2fa/enable
+ */
+router
+	.route("/:user_id/2fa/enable")
+	.options((_, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+	.all(userIdFromMe)
+
+	/**
+	 * POST /api/users/123/2fa/enable
+	 *
+	 * Verify code and enable 2FA
+	 */
+	.post(async (req, res, next) => {
+		try {
+			const { code } = await apiValidator(
+				getValidationSchema("/users/{userID}/2fa/enable", "post"),
+				req.body,
+			);
+			const result = await internal2FA.enable(res.locals.access, req.params.user_id, code);
+			res.status(200).send(result);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	});
+
+/**
+ * User 2FA backup codes
+ *
+ * /api/users/123/2fa/backup-codes
+ */
+router
+	.route("/:user_id/2fa/backup-codes")
+	.options((_, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+	.all(userIdFromMe)
+
+	/**
+	 * POST /api/users/123/2fa/backup-codes
+	 *
+	 * Regenerate backup codes
+	 */
+	.post(async (req, res, next) => {
+		try {
+			const { code } = await apiValidator(
+				getValidationSchema("/users/{userID}/2fa/backup-codes", "post"),
+				req.body,
+			);
+			const result = await internal2FA.regenerateBackupCodes(res.locals.access, req.params.user_id, code);
+			res.status(200).send(result);
+		} catch (err) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${err}`);
+			next(err);
+		}
+	});
+
 export default router;

backend/routes/version.js

@@ -0,0 +1,40 @@
+import express from "express";
+import internalRemoteVersion from "../internal/remote-version.js";
+import { debug, express as logger } from "../logger.js";
+
+const router = express.Router({
+	caseSensitive: true,
+	strict: true,
+	mergeParams: true,
+});
+
+/**
+ * /api/version/check
+ */
+router
+	.route("/check")
+	.options((_, res) => {
+		res.sendStatus(204);
+	})
+
+	/**
+	 * GET /api/version/check
+	 *
+	 * Check for available updates
+	 */
+	.get(async (req, res, _next) => {
+		try {
+			const data = await internalRemoteVersion.get();
+			res.status(200).send(data);
+		} catch (error) {
+			debug(logger, `${req.method.toUpperCase()} ${req.path}: ${error}`);
+			// Send 200 even though there's an error to avoid triggering update checks repeatedly
+			res.status(200).send({
+				current: null,
+				latest: null,
+				update_available: false,
+			});
+		}
+	});
+
+export default router;

backend/schema/components/certificate-object.json

@@ -71,6 +71,11 @@
 				"propagation_seconds": {
 					"type": "integer",
 					"minimum": 0
+				},
+				"key_type": {
+					"type": "string",
+					"enum": ["rsa", "ecdsa"],
+					"default": "rsa"
 				}
 			},
 			"example": {

backend/schema/components/check-version-object.json

@@ -0,0 +1,23 @@
+{
+	"type": "object",
+	"description": "Check Version object",
+	"additionalProperties": false,
+	"required": ["current", "latest", "update_available"],
+	"properties": {
+		"current": {
+			"type": ["string", "null"],
+			"description": "Current version string",
+			"example": "v2.10.1"
+		},
+		"latest": {
+			"type": ["string", "null"],
+			"description": "Latest version string",
+			"example": "v2.13.4"
+		},
+		"update_available": {
+			"type": "boolean",
+			"description": "Whether there's an update available",
+			"example": true
+		}
+	}
+}

backend/schema/components/token-challenge.json

@@ -0,0 +1,18 @@
+{
+	"type": "object",
+	"description": "Token object",
+	"required": ["requires_2fa", "challenge_token"],
+	"additionalProperties": false,
+	"properties": {
+		"requires_2fa": {
+			"description": "Whether this token request requires two-factor authentication",
+			"example": true,
+			"type": "boolean"
+		},
+		"challenge_token": {
+			"description": "Challenge Token used in subsequent 2FA verification",
+			"example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4",
+			"type": "string"
+		}
+	}
+}

backend/schema/paths/tokens/2fa/post.json

@@ -0,0 +1,55 @@
+{
+	"operationId": "loginWith2FA",
+	"summary": "Verify 2FA code and get full token",
+	"tags": ["tokens"],
+	"requestBody": {
+		"description": "2fa Challenge Payload",
+		"required": true,
+		"content": {
+			"application/json": {
+				"schema": {
+					"additionalProperties": false,
+					"properties": {
+						"challenge_token": {
+							"minLength": 1,
+							"type": "string",
+							"example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
+						},
+						"code": {
+							"minLength": 6,
+							"maxLength": 6,
+							"type": "string",
+							"example": "012345"
+						}
+					},
+					"required": ["challenge_token", "code"],
+					"type": "object"
+				},
+				"example": {
+					"challenge_token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4",
+					"code": "012345"
+				}
+			}
+		}
+	},
+	"responses": {
+		"200": {
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"expires": "2025-02-04T20:40:46.340Z",
+								"token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
+							}
+						}
+					},
+					"schema": {
+						"$ref": "../../../components/token-object.json"
+					}
+				}
+			},
+			"description": "200 response"
+		}
+	}
+}

backend/schema/paths/tokens/post.json

@@ -50,7 +50,14 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../components/token-object.json"
+						"oneOf": [
+							{
+								"$ref": "../../components/token-object.json"
+							},
+							{
+								"$ref": "../../components/token-challenge.json"
+							}
+						]
 					}
 				}
 			},

backend/schema/paths/users/userID/2fa/backup-codes/post.json

@@ -0,0 +1,92 @@
+{
+	"operationId": "regenUser2faCodes",
+	"summary": "Regenerate 2FA backup codes",
+	"tags": ["users"],
+	"parameters": [
+		{
+			"in": "path",
+			"name": "userID",
+			"schema": {
+				"type": "integer",
+				"minimum": 1
+			},
+			"required": true,
+			"description": "User ID",
+			"example": 2
+		}
+	],
+	"requestBody": {
+		"description": "Verififcation Payload",
+		"required": true,
+		"content": {
+			"application/json": {
+				"schema": {
+					"additionalProperties": false,
+					"properties": {
+						"code": {
+							"minLength": 6,
+							"maxLength": 6,
+							"type": "string",
+							"example": "123456"
+						}
+					},
+					"required": ["code"],
+					"type": "object"
+				},
+				"example": {
+					"code": "123456"
+				}
+			}
+		}
+	},
+	"responses": {
+		"200": {
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"backup_codes": [
+									"6CD7CB06",
+									"495302F3",
+									"D8037852",
+									"A6FFC956",
+									"BC1A1851",
+									"A05E644F",
+									"A406D2E8",
+									"0AE3C522"
+								]
+							}
+						}
+					},
+					"schema": {
+						"type": "object",
+						"required": ["backup_codes"],
+						"additionalProperties": false,
+						"properties": {
+							"backup_codes": {
+								"description": "Backup codes",
+								"example": [
+									"6CD7CB06",
+									"495302F3",
+									"D8037852",
+									"A6FFC956",
+									"BC1A1851",
+									"A05E644F",
+									"A406D2E8",
+									"0AE3C522"
+								],
+								"type": "array",
+								"items": {
+									"type": "string",
+									"example": "6CD7CB06"
+								}
+							}
+						}
+					}
+				}
+			},
+			"description": "200 response"
+		}
+	}
+}

backend/schema/paths/users/userID/2fa/delete.json

@@ -0,0 +1,48 @@
+{
+	"operationId": "disableUser2fa",
+	"summary": "Disable 2fa for user",
+	"tags": ["users"],
+	"parameters": [
+		{
+			"in": "path",
+			"name": "userID",
+			"schema": {
+				"type": "integer",
+				"minimum": 1
+			},
+			"required": true,
+			"description": "User ID",
+			"example": 2
+		},
+		{
+			"in": "query",
+			"name": "code",
+			"schema": {
+				"type": "string",
+				"minLength": 6,
+				"maxLength": 6,
+				"example": "012345"
+			},
+			"required": true,
+			"description": "2fa Code",
+			"example": "012345"
+		}
+	],
+	"responses": {
+		"200": {
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": true
+						}
+					},
+					"schema": {
+						"type": "boolean"
+					}
+				}
+			},
+			"description": "200 response"
+		}
+	}
+}

backend/schema/paths/users/userID/2fa/enable/post.json

@@ -0,0 +1,92 @@
+{
+	"operationId": "enableUser2fa",
+	"summary": "Verify code and enable 2FA",
+	"tags": ["users"],
+	"parameters": [
+		{
+			"in": "path",
+			"name": "userID",
+			"schema": {
+				"type": "integer",
+				"minimum": 1
+			},
+			"required": true,
+			"description": "User ID",
+			"example": 2
+		}
+	],
+	"requestBody": {
+		"description": "Verififcation Payload",
+		"required": true,
+		"content": {
+			"application/json": {
+				"schema": {
+					"additionalProperties": false,
+					"properties": {
+						"code": {
+							"minLength": 6,
+							"maxLength": 6,
+							"type": "string",
+							"example": "123456"
+						}
+					},
+					"required": ["code"],
+					"type": "object"
+				},
+				"example": {
+					"code": "123456"
+				}
+			}
+		}
+	},
+	"responses": {
+		"200": {
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"backup_codes": [
+									"6CD7CB06",
+									"495302F3",
+									"D8037852",
+									"A6FFC956",
+									"BC1A1851",
+									"A05E644F",
+									"A406D2E8",
+									"0AE3C522"
+								]
+							}
+						}
+					},
+					"schema": {
+						"type": "object",
+						"required": ["backup_codes"],
+						"additionalProperties": false,
+						"properties": {
+							"backup_codes": {
+								"description": "Backup codes",
+								"example": [
+									"6CD7CB06",
+									"495302F3",
+									"D8037852",
+									"A6FFC956",
+									"BC1A1851",
+									"A05E644F",
+									"A406D2E8",
+									"0AE3C522"
+								],
+								"type": "array",
+								"items": {
+									"type": "string",
+									"example": "6CD7CB06"
+								}
+							}
+						}
+					}
+				}
+			},
+			"description": "200 response"
+		}
+	}
+}

backend/schema/paths/users/userID/2fa/get.json

@@ -0,0 +1,57 @@
+{
+	"operationId": "getUser2faStatus",
+	"summary": "Get user 2fa Status",
+	"tags": ["users"],
+	"security": [
+		{
+			"bearerAuth": []
+		}
+	],
+	"parameters": [
+		{
+			"in": "path",
+			"name": "userID",
+			"schema": {
+				"type": "integer",
+				"minimum": 1
+			},
+			"required": true,
+			"description": "User ID",
+			"example": 2
+		}
+	],
+	"responses": {
+		"200": {
+			"description": "200 response",
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"enabled": false,
+								"backup_codes_remaining": 0
+							}
+						}
+					},
+					"schema": {
+						"type": "object",
+						"additionalProperties": false,
+						"required": ["enabled", "backup_codes_remaining"],
+						"properties": {
+							"enabled": {
+								"type": "boolean",
+								"description": "Is 2FA enabled for this user",
+								"example": true
+							},
+							"backup_codes_remaining": {
+								"type": "integer",
+								"description": "Number of remaining backup codes for this user",
+								"example": 5
+							}
+						}
+					}
+				}
+			}
+		}
+	}
+}

backend/schema/paths/users/userID/2fa/post.json

@@ -0,0 +1,52 @@
+{
+	"operationId": "setupUser2fa",
+	"summary": "Start 2FA setup, returns QR code URL",
+	"tags": ["users"],
+	"parameters": [
+		{
+			"in": "path",
+			"name": "userID",
+			"schema": {
+				"type": "integer",
+				"minimum": 1
+			},
+			"required": true,
+			"description": "User ID",
+			"example": 2
+		}
+	],
+	"responses": {
+		"200": {
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"secret": "JZYCEBIEEJYUGPQM",
+								"otpauth_url": "otpauth://totp/Nginx%20Proxy%20Manager:jc%40jc21.com?secret=JZYCEBIEEJYUGPQM&period=30&digits=6&algorithm=SHA1&issuer=Nginx%20Proxy%20Manager"
+							}
+						}
+					},
+					"schema": {
+						"type": "object",
+						"required": ["secret", "otpauth_url"],
+						"additionalProperties": false,
+						"properties": {
+							"secret": {
+								"description": "TOTP Secret",
+								"example": "JZYCEBIEEJYUGPQM",
+								"type": "string"
+							},
+							"otpauth_url": {
+								"description": "OTP Auth URL for QR Code generation",
+								"example": "otpauth://totp/Nginx%20Proxy%20Manager:jc%40jc21.com?secret=JZYCEBIEEJYUGPQM&period=30&digits=6&algorithm=SHA1&issuer=Nginx%20Proxy%20Manager",
+								"type": "string"
+							}
+						}
+					}
+				}
+			},
+			"description": "200 response"
+		}
+	}
+}

backend/schema/paths/version/check/get.json

@@ -0,0 +1,26 @@
+{
+	"operationId": "checkVersion",
+	"summary": "Returns any new version data from github",
+	"tags": ["public"],
+	"responses": {
+		"200": {
+			"description": "200 response",
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"current": "v2.12.0",
+								"latest": "v2.13.4",
+								"update_available": true
+							}
+						}
+					},
+					"schema": {
+						"$ref": "../../../components/check-version-object.json"
+					}
+				}
+			}
+		}
+	}
+}

backend/schema/swagger.json

@@ -293,6 +293,16 @@
 				"$ref": "./paths/tokens/post.json"
 			}
 		},
+		"/tokens/2fa": {
+			"post": {
+				"$ref": "./paths/tokens/2fa/post.json"
+			}
+		},
+		"/version/check": {
+			"get": {
+				"$ref": "./paths/version/check/get.json"
+			}
+		},
 		"/users": {
 			"get": {
 				"$ref": "./paths/users/get.json"
@@ -312,6 +322,27 @@
 				"$ref": "./paths/users/userID/delete.json"
 			}
 		},
+		"/users/{userID}/2fa": {
+			"post": {
+				"$ref": "./paths/users/userID/2fa/post.json"
+			},
+			"get": {
+				"$ref": "./paths/users/userID/2fa/get.json"
+			},
+			"delete": {
+				"$ref": "./paths/users/userID/2fa/delete.json"
+			}
+		},
+		"/users/{userID}/2fa/enable": {
+			"post": {
+				"$ref": "./paths/users/userID/2fa/enable/post.json"
+			}
+		},
+		"/users/{userID}/2fa/backup-codes": {
+			"post": {
+				"$ref": "./paths/users/userID/2fa/backup-codes/post.json"
+			}
+		},
 		"/users/{userID}/auth": {
 			"put": {
 				"$ref": "./paths/users/userID/auth/put.json"

backend/templates/stream.conf

@@ -12,6 +12,9 @@ server {
 
   proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
 
+  access_log /data/logs/stream-{{ id }}_access.log stream;
+  error_log /data/logs/stream-{{ id }}_error.log warn;
+
   # Custom
   include /data/nginx/custom/server_stream[.]conf;
   include /data/nginx/custom/server_stream_tcp[.]conf;
@@ -25,9 +28,12 @@ server {
 
   proxy_pass {{ forwarding_host }}:{{ forwarding_port }};
 
+  access_log /data/logs/stream-{{ id }}_access.log stream;
+  error_log /data/logs/stream-{{ id }}_error.log warn;
+
   # Custom
   include /data/nginx/custom/server_stream[.]conf;
   include /data/nginx/custom/server_stream_udp[.]conf;
 }
 {% endif %}
-{% endif %}
+{% endif %}

backend/yarn.lock

@@ -138,6 +138,44 @@
     mkdirp "^1.0.4"
     rimraf "^3.0.2"
 
+"@otplib/core@^12.0.1":
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/@otplib/core/-/core-12.0.1.tgz#73720a8cedce211fe5b3f683cd5a9c098eaf0f8d"
+  integrity sha512-4sGntwbA/AC+SbPhbsziRiD+jNDdIzsZ3JUyfZwjtKyc/wufl1pnSIaG4Uqx8ymPagujub0o92kgBnB89cuAMA==
+
+"@otplib/plugin-crypto@^12.0.1":
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/@otplib/plugin-crypto/-/plugin-crypto-12.0.1.tgz#2b42c624227f4f9303c1c041fca399eddcbae25e"
+  integrity sha512-qPuhN3QrT7ZZLcLCyKOSNhuijUi9G5guMRVrxq63r9YNOxxQjPm59gVxLM+7xGnHnM6cimY57tuKsjK7y9LM1g==
+  dependencies:
+    "@otplib/core" "^12.0.1"
+
+"@otplib/plugin-thirty-two@^12.0.1":
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/@otplib/plugin-thirty-two/-/plugin-thirty-two-12.0.1.tgz#5cc9b56e6e89f2a1fe4a2b38900ca4e11c87aa9e"
+  integrity sha512-MtT+uqRso909UkbrrYpJ6XFjj9D+x2Py7KjTO9JDPhL0bJUYVu5kFP4TFZW4NFAywrAtFRxOVY261u0qwb93gA==
+  dependencies:
+    "@otplib/core" "^12.0.1"
+    thirty-two "^1.0.2"
+
+"@otplib/preset-default@^12.0.1":
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/@otplib/preset-default/-/preset-default-12.0.1.tgz#cb596553c08251e71b187ada4a2246ad2a3165ba"
+  integrity sha512-xf1v9oOJRyXfluBhMdpOkr+bsE+Irt+0D5uHtvg6x1eosfmHCsCC6ej/m7FXiWqdo0+ZUI6xSKDhJwc8yfiOPQ==
+  dependencies:
+    "@otplib/core" "^12.0.1"
+    "@otplib/plugin-crypto" "^12.0.1"
+    "@otplib/plugin-thirty-two" "^12.0.1"
+
+"@otplib/preset-v11@^12.0.1":
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/@otplib/preset-v11/-/preset-v11-12.0.1.tgz#4c7266712e7230500b421ba89252963c838fc96d"
+  integrity sha512-9hSetMI7ECqbFiKICrNa4w70deTUfArtwXykPUvSHWOdzOlfa9ajglu7mNCntlvxycTiOAXkQGwjQCzzDEMRMg==
+  dependencies:
+    "@otplib/core" "^12.0.1"
+    "@otplib/plugin-crypto" "^12.0.1"
+    "@otplib/plugin-thirty-two" "^12.0.1"
+
 "@tootallnate/once@1":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.1.2.tgz#ccb91445360179a04e7fe6aff78c00ffc1eeaf82"
@@ -389,23 +427,23 @@ blueimp-md5@^2.16.0:
   resolved "https://registry.yarnpkg.com/blueimp-md5/-/blueimp-md5-2.19.0.tgz#b53feea5498dcb53dc6ec4b823adb84b729c4af0"
   integrity sha512-DRQrD6gJyy8FbiE4s+bDoXS9hiW3Vbx5uCdwvcCf3zLHL+Iv7LtGHLpr+GZV8rHG8tK766FGYBwRbu8pELTt+w==
 
-body-parser@1.20.3, body-parser@^1.20.3:
-  version "1.20.3"
-  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6"
-  integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==
+body-parser@^1.20.3, body-parser@~1.20.3:
+  version "1.20.4"
+  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.4.tgz#f8e20f4d06ca8a50a71ed329c15dccad1cdc547f"
+  integrity sha512-ZTgYYLMOXY9qKU/57FAo8F+HA2dGX7bqGc71txDRC1rS4frdFI5R7NhluHxH6M0YItAP0sHB4uqAOcYKxO6uGA==
   dependencies:
-    bytes "3.1.2"
+    bytes "~3.1.2"
     content-type "~1.0.5"
     debug "2.6.9"
     depd "2.0.0"
-    destroy "1.2.0"
-    http-errors "2.0.0"
-    iconv-lite "0.4.24"
-    on-finished "2.4.1"
-    qs "6.13.0"
-    raw-body "2.5.2"
+    destroy "~1.2.0"
+    http-errors "~2.0.1"
+    iconv-lite "~0.4.24"
+    on-finished "~2.4.1"
+    qs "~6.14.0"
+    raw-body "~2.5.3"
     type-is "~1.6.18"
-    unpipe "1.0.0"
+    unpipe "~1.0.0"
 
 brace-expansion@^1.1.7:
   version "1.1.12"
@@ -454,7 +492,7 @@ busboy@^1.6.0:
   dependencies:
     streamsearch "^1.1.0"
 
-bytes@3.1.2:
+bytes@3.1.2, bytes@~3.1.2:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.2.tgz#8b0beeb98605adf1b128fa4386403c009e0221a5"
   integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==
@@ -649,7 +687,7 @@ console-control-strings@^1.0.0, console-control-strings@^1.1.0:
   resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e"
   integrity sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==
 
-content-disposition@0.5.4:
+content-disposition@~0.5.4:
   version "0.5.4"
   resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.4.tgz#8b82b4efac82512a02bb0b1dcec9d2c5e8eb5bfe"
   integrity sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==
@@ -661,15 +699,15 @@ content-type@~1.0.4, content-type@~1.0.5:
   resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.5.tgz#8b773162656d1d1086784c8f23a54ce6d73d7918"
   integrity sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==
 
-cookie-signature@1.0.6:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c"
-  integrity sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==
+cookie-signature@~1.0.6:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.7.tgz#ab5dd7ab757c54e60f37ef6550f481c426d10454"
+  integrity sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==
 
-cookie@0.7.1:
-  version "0.7.1"
-  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.1.tgz#2f73c42142d5d5cf71310a74fc4ae61670e5dbc9"
-  integrity sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==
+cookie@~0.7.1:
+  version "0.7.2"
+  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.2.tgz#556369c472a2ba910f2979891b526b3436237ed7"
+  integrity sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==
 
 core-util-is@~1.0.0:
   version "1.0.3"
@@ -706,10 +744,10 @@ debug@2.6.9:
   dependencies:
     ms "2.0.0"
 
-debug@4, debug@^4.3.3:
-  version "4.4.1"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.1.tgz#e5a8bc6cbc4c6cd3e64308b0693a3d4fa550189b"
-  integrity sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==
+debug@4, debug@^4.3.3, debug@^4.3.4:
+  version "4.4.3"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.3.tgz#c6ae432d9bd9662582fce08709b038c58e9e3d6a"
+  integrity sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==
   dependencies:
     ms "^2.1.3"
 
@@ -727,13 +765,6 @@ debug@^3.2.7:
   dependencies:
     ms "^2.1.1"
 
-debug@^4.3.4:
-  version "4.4.3"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.3.tgz#c6ae432d9bd9662582fce08709b038c58e9e3d6a"
-  integrity sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==
-  dependencies:
-    ms "^2.1.3"
-
 decamelize@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290"
@@ -770,12 +801,12 @@ denque@^2.1.0:
   resolved "https://registry.yarnpkg.com/denque/-/denque-2.1.0.tgz#e93e1a6569fb5e66f16a3c2a2964617d349d6ab1"
   integrity sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==
 
-depd@2.0.0:
+depd@2.0.0, depd@~2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df"
   integrity sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==
 
-destroy@1.2.0:
+destroy@1.2.0, destroy@~1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.2.0.tgz#4803735509ad8be552934c67df614f94e66fa015"
   integrity sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==
@@ -816,11 +847,6 @@ emoji-regex@^8.0.0:
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37"
   integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==
 
-encodeurl@~1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
-  integrity sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==
-
 encodeurl@~2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-2.0.0.tgz#7b8ea898077d7e409d3ac45474ea38eaf0857a58"
@@ -937,39 +963,39 @@ express-fileupload@^1.5.2:
   dependencies:
     busboy "^1.6.0"
 
-express@^4.20.0:
-  version "4.21.2"
-  resolved "https://registry.yarnpkg.com/express/-/express-4.21.2.tgz#cf250e48362174ead6cea4a566abef0162c1ec32"
-  integrity sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==
+express@^4.22.0:
+  version "4.22.0"
+  resolved "https://registry.yarnpkg.com/express/-/express-4.22.0.tgz#a9d7abdce6d774ed1b4479019387763d1798bd03"
+  integrity sha512-c2iPh3xp5vvCLgaHK03+mWLFPhox7j1LwyxcZwFVApEv5i0X+IjPpbT50SJJwwLpdBVfp45AkK/v+AFgv/XlfQ==
   dependencies:
     accepts "~1.3.8"
     array-flatten "1.1.1"
-    body-parser "1.20.3"
-    content-disposition "0.5.4"
+    body-parser "~1.20.3"
+    content-disposition "~0.5.4"
     content-type "~1.0.4"
-    cookie "0.7.1"
-    cookie-signature "1.0.6"
+    cookie "~0.7.1"
+    cookie-signature "~1.0.6"
     debug "2.6.9"
     depd "2.0.0"
     encodeurl "~2.0.0"
     escape-html "~1.0.3"
     etag "~1.8.1"
-    finalhandler "1.3.1"
-    fresh "0.5.2"
-    http-errors "2.0.0"
+    finalhandler "~1.3.1"
+    fresh "~0.5.2"
+    http-errors "~2.0.0"
     merge-descriptors "1.0.3"
     methods "~1.1.2"
-    on-finished "2.4.1"
+    on-finished "~2.4.1"
     parseurl "~1.3.3"
-    path-to-regexp "0.1.12"
+    path-to-regexp "~0.1.12"
     proxy-addr "~2.0.7"
-    qs "6.13.0"
+    qs "~6.14.0"
     range-parser "~1.2.1"
     safe-buffer "5.2.1"
-    send "0.19.0"
-    serve-static "1.16.2"
+    send "~0.19.0"
+    serve-static "~1.16.2"
     setprototypeof "1.2.0"
-    statuses "2.0.1"
+    statuses "~2.0.1"
     type-is "~1.6.18"
     utils-merge "1.0.1"
     vary "~1.1.2"
@@ -1003,17 +1029,17 @@ fill-range@^7.1.1:
   dependencies:
     to-regex-range "^5.0.1"
 
-finalhandler@1.3.1:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.1.tgz#0c575f1d1d324ddd1da35ad7ece3df7d19088019"
-  integrity sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==
+finalhandler@~1.3.1:
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.2.tgz#1ebc2228fc7673aac4a472c310cc05b77d852b88"
+  integrity sha512-aA4RyPcd3badbdABGDuTXCMTtOneUCAYH/gxoYRTZlIJdF0YPWuGqiAsIrhNnnqdXGswYk6dGujem4w80UJFhg==
   dependencies:
     debug "2.6.9"
     encodeurl "~2.0.0"
     escape-html "~1.0.3"
-    on-finished "2.4.1"
+    on-finished "~2.4.1"
     parseurl "~1.3.3"
-    statuses "2.0.1"
+    statuses "~2.0.2"
     unpipe "~1.0.0"
 
 find-up@^2.0.0:
@@ -1036,7 +1062,7 @@ forwarded@0.2.0:
   resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811"
   integrity sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==
 
-fresh@0.5.2:
+fresh@~0.5.2:
   version "0.5.2"
   resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7"
   integrity sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q==
@@ -1228,16 +1254,16 @@ http-cache-semantics@^4.1.0:
   resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.2.0.tgz#205f4db64f8562b76a4ff9235aa5279839a09dd5"
   integrity sha512-dTxcvPXqPvXBQpq5dUr6mEMJX4oIEFv6bwom3FDwKRDsuIjjJGANqhBuoAn9c1RQJIdAKav33ED65E2ys+87QQ==
 
-http-errors@2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.0.tgz#b7774a1486ef73cf7667ac9ae0858c012c57b9d3"
-  integrity sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==
+http-errors@~2.0.0, http-errors@~2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.1.tgz#36d2f65bc909c8790018dd36fb4d93da6caae06b"
+  integrity sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==
   dependencies:
-    depd "2.0.0"
-    inherits "2.0.4"
-    setprototypeof "1.2.0"
-    statuses "2.0.1"
-    toidentifier "1.0.1"
+    depd "~2.0.0"
+    inherits "~2.0.4"
+    setprototypeof "~1.2.0"
+    statuses "~2.0.2"
+    toidentifier "~1.0.1"
 
 http-proxy-agent@^4.0.1:
   version "4.0.1"
@@ -1279,13 +1305,6 @@ humanize-ms@^1.2.1:
   dependencies:
     ms "^2.0.0"
 
-iconv-lite@0.4.24:
-  version "0.4.24"
-  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
-  integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
-  dependencies:
-    safer-buffer ">= 2.1.2 < 3"
-
 iconv-lite@^0.6.2:
   version "0.6.3"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
@@ -1300,6 +1319,13 @@ iconv-lite@^0.7.0:
   dependencies:
     safer-buffer ">= 2.1.2 < 3.0.0"
 
+iconv-lite@~0.4.24:
+  version "0.4.24"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
+  integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3"
+
 ieee754@^1.1.13:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352"
@@ -1333,7 +1359,7 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2, inherits@2.0.4, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.3:
+inherits@2, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.3, inherits@~2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
@@ -1430,9 +1456,9 @@ isexe@^2.0.0:
   integrity sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==
 
 js-yaml@^4.1.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
-  integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
+  integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
   dependencies:
     argparse "^2.0.1"
 
@@ -1462,7 +1488,7 @@ jsonwebtoken@^9.0.2:
     ms "^2.1.1"
     semver "^7.5.4"
 
-jwa@^1.4.1:
+jwa@^1.4.2:
   version "1.4.2"
   resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.4.2.tgz#16011ac6db48de7b102777e57897901520eec7b9"
   integrity sha512-eeH5JO+21J78qMvTIDdBXidBd6nG2kZjg5Ohz/1fpa28Z4CcsWUzJ1ZZyFq/3z3N17aZy+ZuBoHljASbL1WfOw==
@@ -1472,11 +1498,11 @@ jwa@^1.4.1:
     safe-buffer "^5.0.1"
 
 jws@^3.2.2:
-  version "3.2.2"
-  resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304"
-  integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==
+  version "3.2.3"
+  resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.3.tgz#5ac0690b460900a27265de24520526853c0b8ca1"
+  integrity sha512-byiJ0FLRdLdSVSReO/U4E7RoEyOCKnEnEPMjq3HxWtvzLsV08/i5RQKsFVNkCldrCaPr2vDNAOMsfs8T/Hze7g==
   dependencies:
-    jwa "^1.4.1"
+    jwa "^1.4.2"
     safe-buffer "^5.0.1"
 
 knex@2.4.2:
@@ -1959,7 +1985,7 @@ objection@3.0.1:
     ajv "^8.6.2"
     db-errors "^0.2.3"
 
-on-finished@2.4.1:
+on-finished@~2.4.1:
   version "2.4.1"
   resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.4.1.tgz#58c8c44116e54845ad57f14ab10b03533184ac3f"
   integrity sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==
@@ -1978,6 +2004,15 @@ once@^1.3.0, once@^1.3.1, once@^1.4.0:
   dependencies:
     wrappy "1"
 
+otplib@^12.0.1:
+  version "12.0.1"
+  resolved "https://registry.yarnpkg.com/otplib/-/otplib-12.0.1.tgz#c1d3060ab7aadf041ed2960302f27095777d1f73"
+  integrity sha512-xDGvUOQjop7RDgxTQ+o4pOol0/3xSZzawTiPKRrHnQWAy0WjhNs/5HdIDJCrqC4MBynmjXgULc6YfioaxZeFgg==
+  dependencies:
+    "@otplib/core" "^12.0.1"
+    "@otplib/preset-default" "^12.0.1"
+    "@otplib/preset-v11" "^12.0.1"
+
 p-limit@^1.1.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-1.3.0.tgz#b86bd5f0c25690911c7590fcbfc2010d54b3ccb8"
@@ -2078,7 +2113,7 @@ path-parse@^1.0.7:
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
   integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-path-to-regexp@0.1.12:
+path-to-regexp@~0.1.12:
   version "0.1.12"
   resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.12.tgz#d5e1a12e478a976d432ef3c58d534b9923164bb7"
   integrity sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==
@@ -2273,12 +2308,12 @@ pump@^3.0.0:
     end-of-stream "^1.1.0"
     once "^1.3.1"
 
-qs@6.13.0:
-  version "6.13.0"
-  resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906"
-  integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==
+qs@~6.14.0:
+  version "6.14.1"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159"
+  integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==
   dependencies:
-    side-channel "^1.0.6"
+    side-channel "^1.1.0"
 
 querystring@0.2.0:
   version "0.2.0"
@@ -2290,15 +2325,15 @@ range-parser@~1.2.1:
   resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031"
   integrity sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==
 
-raw-body@2.5.2:
-  version "2.5.2"
-  resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.2.tgz#99febd83b90e08975087e8f1f9419a149366b68a"
-  integrity sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==
+raw-body@~2.5.3:
+  version "2.5.3"
+  resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.3.tgz#11c6650ee770a7de1b494f197927de0c923822e2"
+  integrity sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==
   dependencies:
-    bytes "3.1.2"
-    http-errors "2.0.0"
-    iconv-lite "0.4.24"
-    unpipe "1.0.0"
+    bytes "~3.1.2"
+    http-errors "~2.0.1"
+    iconv-lite "~0.4.24"
+    unpipe "~1.0.0"
 
 rc@^1.2.7:
   version "1.2.8"
@@ -2429,46 +2464,46 @@ semver@~7.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e"
   integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
 
-send@0.19.0:
-  version "0.19.0"
-  resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8"
-  integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==
+send@~0.19.0, send@~0.19.1:
+  version "0.19.2"
+  resolved "https://registry.yarnpkg.com/send/-/send-0.19.2.tgz#59bc0da1b4ea7ad42736fd642b1c4294e114ff29"
+  integrity sha512-VMbMxbDeehAxpOtWJXlcUS5E8iXh6QmN+BkRX1GARS3wRaXEEgzCcB10gTQazO42tpNIya8xIyNx8fll1OFPrg==
   dependencies:
     debug "2.6.9"
     depd "2.0.0"
     destroy "1.2.0"
-    encodeurl "~1.0.2"
+    encodeurl "~2.0.0"
     escape-html "~1.0.3"
     etag "~1.8.1"
-    fresh "0.5.2"
-    http-errors "2.0.0"
+    fresh "~0.5.2"
+    http-errors "~2.0.1"
     mime "1.6.0"
     ms "2.1.3"
-    on-finished "2.4.1"
+    on-finished "~2.4.1"
     range-parser "~1.2.1"
-    statuses "2.0.1"
+    statuses "~2.0.2"
 
 seq-queue@^0.0.5:
   version "0.0.5"
   resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e"
   integrity sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q==
 
-serve-static@1.16.2:
-  version "1.16.2"
-  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.2.tgz#b6a5343da47f6bdd2673848bf45754941e803296"
-  integrity sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==
+serve-static@~1.16.2:
+  version "1.16.3"
+  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.3.tgz#a97b74d955778583f3862a4f0b841eb4d5d78cf9"
+  integrity sha512-x0RTqQel6g5SY7Lg6ZreMmsOzncHFU7nhnRWkKgWuMTu5NN0DR5oruckMqRvacAN9d5w6ARnRBXl9xhDCgfMeA==
   dependencies:
     encodeurl "~2.0.0"
     escape-html "~1.0.3"
     parseurl "~1.3.3"
-    send "0.19.0"
+    send "~0.19.1"
 
 set-blocking@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7"
   integrity sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==
 
-setprototypeof@1.2.0:
+setprototypeof@1.2.0, setprototypeof@~1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.2.0.tgz#66c9a24a73f9fc28cbe66b09fed3d33dcaf1b424"
   integrity sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==
@@ -2502,7 +2537,7 @@ side-channel-weakmap@^1.0.2:
     object-inspect "^1.13.3"
     side-channel-map "^1.0.1"
 
-side-channel@^1.0.6:
+side-channel@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.1.0.tgz#c3fcff9c4da932784873335ec9765fa94ff66bc9"
   integrity sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==
@@ -2613,10 +2648,10 @@ ssri@^8.0.0, ssri@^8.0.1:
   dependencies:
     minipass "^3.1.1"
 
-statuses@2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.1.tgz#55cb000ccf1d48728bd23c685a063998cf1a1b63"
-  integrity sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==
+statuses@~2.0.1, statuses@~2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.2.tgz#8f75eecef765b5e1cfcdc080da59409ed424e382"
+  integrity sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==
 
 streamsearch@^1.1.0:
   version "1.1.0"
@@ -2736,6 +2771,11 @@ temp-write@^4.0.0:
     temp-dir "^1.0.0"
     uuid "^3.3.2"
 
+thirty-two@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/thirty-two/-/thirty-two-1.0.2.tgz#4ca2fffc02a51290d2744b9e3f557693ca6b627a"
+  integrity sha512-OEI0IWCe+Dw46019YLl6V10Us5bi574EvlJEOcAkB29IzQ/mYD1A6RyNHLjZPiHCmuodxvgF6U+vZO1L15lxVA==
+
 tildify@2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/tildify/-/tildify-2.0.0.tgz#f205f3674d677ce698b7067a99e949ce03b4754a"
@@ -2748,7 +2788,7 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
-toidentifier@1.0.1:
+toidentifier@~1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"
   integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==
@@ -2802,7 +2842,7 @@ unique-slug@^2.0.0:
   dependencies:
     imurmurhash "^0.1.4"
 
-unpipe@1.0.0, unpipe@~1.0.0:
+unpipe@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec"
   integrity sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==

docker/docker-compose.ci.yml

@@ -24,9 +24,13 @@ services:
       interval: 10s
       timeout: 3s
     expose:
-      - "80-81/tcp"
+      - "80/tcp"
+      - "81/tcp"
       - "443/tcp"
-      - "1500-1503/tcp"
+      - "1500/tcp"
+      - "1501/tcp"
+      - "1502/tcp"
+      - "1503/tcp"
     networks:
       fulltest:
         aliases:

docker/rootfs/etc/nginx/conf.d/default.conf

@@ -8,8 +8,8 @@ server {
 	set $port "80";
 
 	server_name localhost-nginx-proxy-manager;
-	access_log /data/logs/fallback_access.log standard;
-	error_log /data/logs/fallback_error.log warn;
+	access_log /data/logs/fallback_http_access.log standard;
+	error_log /data/logs/fallback_http_error.log warn;
 	include conf.d/include/assets.conf;
 	include conf.d/include/block-exploits.conf;
 	include conf.d/include/letsencrypt-acme-challenge.conf;
@@ -30,7 +30,7 @@ server {
 	set $port "443";
 
 	server_name localhost;
-	access_log /data/logs/fallback_access.log standard;
+	access_log /data/logs/fallback_http_access.log standard;
 	error_log /dev/null crit;
 	include conf.d/include/ssl-ciphers.conf;
 	ssl_reject_handshake on;

docker/rootfs/etc/nginx/conf.d/include/log-proxy.conf

@@ -1,4 +1,4 @@
 log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"';
 log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"';
 
-access_log /data/logs/fallback_access.log proxy;
+access_log /data/logs/fallback_http_access.log proxy;

docker/rootfs/etc/nginx/conf.d/include/log-stream.conf

@@ -0,0 +1,3 @@
+log_format stream '[$time_local] [Client $remote_addr:$remote_port] $protocol $status $bytes_sent $bytes_received $session_time [Sent-to $upstream_addr] [Sent $upstream_bytes_sent] [Received $upstream_bytes_received] [Time $upstream_connect_time] $ssl_protocol $ssl_cipher';
+
+access_log /data/logs/fallback_stream_access.log stream;

docker/rootfs/etc/nginx/nginx.conf

@@ -47,7 +47,7 @@ http {
 	proxy_cache_path              /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m;
 
 	# Log format and fallback log file
-	include /etc/nginx/conf.d/include/log.conf;
+	include /etc/nginx/conf.d/include/log-proxy.conf;
 
 	# Dynamically generated resolvers file
 	include /etc/nginx/conf.d/include/resolvers.conf;
@@ -85,6 +85,9 @@ http {
 }
 
 stream {
+	# Log format and fallback log file
+	include /etc/nginx/conf.d/include/log-stream.conf;
+
 	# Files generated by NPM
 	include /data/nginx/stream/*.conf;
 

frontend/.gitignore

@@ -1,3 +1,5 @@
+src/locale/lang
+
 # Logs
 logs
 *.log

frontend/check-locales.cjs

@@ -8,12 +8,19 @@
 
 const allLocales = [
 	["en", "en-US"],
-	["es", "es-ES"],
 	["de", "de-DE"],
+	["es", "es-ES"],
+	["it", "it-IT"],
+	["ja", "ja-JP"],
+	["nl", "nl-NL"],
+	["pl", "pl-PL"],
 	["ru", "ru-RU"],
 	["sk", "sk-SK"],
+	["vi", "vi-VN"],
 	["zh", "zh-CN"],
-	["pl", "pl-PL"],
+	["ko", "ko-KR"],
+	["bg", "bg-BG"],
+	["id", "id-ID"],
 ];
 
 const ignoreUnused = [

frontend/index.html

@@ -5,6 +5,7 @@
 		<meta name="viewport" content="width=device-width, initial-scale=1" />
 		<title>Nginx Proxy Manager</title>
 		<meta name="description" content="In The Office Planner" />
+		<link rel="preload" href="/images/logo-no-text.svg" as="image" type="image/svg+xml" fetchPriority="high">
 		<link
 			rel="apple-touch-icon"
 			sizes="180x180"

frontend/package.json

@@ -29,9 +29,9 @@
 		"generate-password-browser": "^1.1.0",
 		"humps": "^2.0.1",
 		"query-string": "^9.3.1",
-		"react": "^19.2.0",
+		"react": "^19.2.3",
 		"react-bootstrap": "^2.10.10",
-		"react-dom": "^19.2.0",
+		"react-dom": "^19.2.3",
 		"react-intl": "^7.1.14",
 		"react-markdown": "^10.1.0",
 		"react-router-dom": "^7.9.5",
@@ -48,10 +48,10 @@
 		"@testing-library/react": "^16.3.0",
 		"@types/country-flag-icons": "^1.2.2",
 		"@types/humps": "^2.0.6",
-		"@types/react": "^19.2.2",
-		"@types/react-dom": "^19.2.2",
+		"@types/react": "^19.2.7",
+		"@types/react-dom": "^19.2.3",
 		"@types/react-table": "^7.7.20",
-		"@vitejs/plugin-react": "^5.1.0",
+		"@vitejs/plugin-react": "^5.1.2",
 		"happy-dom": "^20.0.10",
 		"postcss": "^8.5.6",
 		"postcss-simple-vars": "^7.0.1",

frontend/src/App.css

@@ -13,6 +13,15 @@
 	--tblr-backdrop-opacity: 0.8 !important;
 }
 
+[data-bs-theme="dark"] .modal-content {
+	--tblr-modal-box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.15) !important;
+}
+
+[data-bs-theme="dark"] .modal-backdrop {
+	--tblr-backdrop-bg: #000 !important;
+	--tblr-backdrop-opacity: 0.65 !important;
+}
+
 .domain-name {
 	font-family: monospace;
 }
@@ -95,3 +104,15 @@ label.row {
 		border-radius: var(--tblr-border-radius) 0 0 var(--tblr-border-radius);
 	}
 }
+
+/* Fix for dropdown menus being clipped by table-responsive containers. */
+.table-responsive .dropdown {
+	position: static;
+}
+
+/* Fix for Tabler scrollbar compensation */
+@media (min-width: 992px) {
+  :host, :root {
+    margin-left: 0;
+  }
+}

frontend/src/api/backend/base.ts

@@ -156,7 +156,6 @@ export async function del({ url, params }: DeleteArgs, abortController?: AbortCo
 	const method = "DELETE";
 	const headers = {
 		...buildAuthHeader(),
-		[contentTypeHeader]: "application/json",
 	};
 	const signal = abortController?.signal;
 	const response = await fetch(apiUrl, { method, headers, signal });

frontend/src/api/backend/checkVersion.ts

@@ -0,0 +1,8 @@
+import * as api from "./base";
+import type { VersionCheckResponse } from "./responseTypes";
+
+export async function checkVersion(): Promise<VersionCheckResponse> {
+	return await api.get({
+		url: "/version/check",
+	});
+}

frontend/src/api/backend/getToken.ts

@@ -1,9 +1,22 @@
 import * as api from "./base";
-import type { TokenResponse } from "./responseTypes";
+import type { TokenResponse, TwoFactorChallengeResponse } from "./responseTypes";
 
-export async function getToken(identity: string, secret: string): Promise<TokenResponse> {
+export type LoginResponse = TokenResponse | TwoFactorChallengeResponse;
+
+export function isTwoFactorChallenge(response: LoginResponse): response is TwoFactorChallengeResponse {
+	return "requires2fa" in response && response.requires2fa === true;
+}
+
+export async function getToken(identity: string, secret: string): Promise<LoginResponse> {
 	return await api.post({
 		url: "/tokens",
 		data: { identity, secret },
 	});
 }
+
+export async function verify2FA(challengeToken: string, code: string): Promise<TokenResponse> {
+	return await api.post({
+		url: "/tokens/2fa",
+		data: { challengeToken, code },
+	});
+}

frontend/src/api/backend/index.ts

@@ -1,3 +1,4 @@
+export * from "./checkVersion";
 export * from "./createAccessList";
 export * from "./createCertificate";
 export * from "./createDeadHost";
@@ -59,3 +60,4 @@ export * from "./updateStream";
 export * from "./updateUser";
 export * from "./uploadCertificate";
 export * from "./validateCertificate";
+export * from "./twoFactor";

frontend/src/api/backend/responseTypes.ts

@@ -19,3 +19,28 @@ export interface ValidatedCertificateResponse {
 export interface LoginAsTokenResponse extends TokenResponse {
 	user: User;
 }
+
+export interface VersionCheckResponse {
+	current: string | null;
+	latest: string | null;
+	updateAvailable: boolean;
+}
+
+export interface TwoFactorChallengeResponse {
+	requires2fa: boolean;
+	challengeToken: string;
+}
+
+export interface TwoFactorStatusResponse {
+	enabled: boolean;
+	backupCodesRemaining: number;
+}
+
+export interface TwoFactorSetupResponse {
+	secret: string;
+	otpauthUrl: string;
+}
+
+export interface TwoFactorEnableResponse {
+	backupCodes: string[];
+}

frontend/src/api/backend/twoFactor.ts

@@ -0,0 +1,37 @@
+import * as api from "./base";
+import type { TwoFactorEnableResponse, TwoFactorSetupResponse, TwoFactorStatusResponse } from "./responseTypes";
+
+export async function get2FAStatus(userId: number | "me"): Promise<TwoFactorStatusResponse> {
+	return await api.get({
+		url: `/users/${userId}/2fa`,
+	});
+}
+
+export async function start2FASetup(userId: number | "me"): Promise<TwoFactorSetupResponse> {
+	return await api.post({
+		url: `/users/${userId}/2fa`,
+	});
+}
+
+export async function enable2FA(userId: number | "me", code: string): Promise<TwoFactorEnableResponse> {
+	return await api.post({
+		url: `/users/${userId}/2fa/enable`,
+		data: { code },
+	});
+}
+
+export async function disable2FA(userId: number | "me", code: string): Promise<boolean> {
+	return await api.del({
+		url: `/users/${userId}/2fa`,
+		params: {
+			code,
+		},
+	});
+}
+
+export async function regenerateBackupCodes(userId: number | "me", code: string): Promise<TwoFactorEnableResponse> {
+	return await api.post({
+		url: `/users/${userId}/2fa/backup-codes`,
+		data: { code },
+	});
+}

frontend/src/components/Form/AccessClientFields.tsx

@@ -3,7 +3,7 @@ import cn from "classnames";
 import { useFormikContext } from "formik";
 import { useState } from "react";
 import type { AccessListClient } from "src/api/backend";
-import { T } from "src/locale";
+import { intl, T } from "src/locale";
 
 interface Props {
 	initialValues: AccessListClient[];
@@ -65,8 +65,8 @@ export function AccessClientFields({ initialValues, name = "clients" }: Props) {
 									value={client.directive}
 									onChange={(e) => handleChange(idx, "directive", e.target.value)}
 								>
-									<option value="allow">Allow</option>
-									<option value="deny">Deny</option>
+									<option value="allow"><T id="action.allow" /></option>
+									<option value="deny"><T id="action.deny" /></option>
 								</select>
 							</span>
 							<input
@@ -76,7 +76,7 @@ export function AccessClientFields({ initialValues, name = "clients" }: Props) {
 								autoComplete="off"
 								value={client.address}
 								onChange={(e) => handleChange(idx, "address", e.target.value)}
-								placeholder="192.168.1.100 or 192.168.1.0/24 or 2001:0db8::/32"
+								placeholder={intl.formatMessage({ id: "access-list.rule-source.placeholder" })}
 							/>
 						</div>
 					</div>
@@ -112,7 +112,7 @@ export function AccessClientFields({ initialValues, name = "clients" }: Props) {
 								value="deny"
 								disabled
 							>
-								<option value="deny">Deny</option>
+								<option value="deny"><T id="action.deny" /></option>
 							</select>
 						</span>
 						<input

frontend/src/components/Form/AccessField.tsx

@@ -3,6 +3,7 @@ import { Field, useFormikContext } from "formik";
 import type { ReactNode } from "react";
 import Select, { type ActionMeta, components, type OptionProps } from "react-select";
 import type { AccessList } from "src/api/backend";
+import { useLocaleState } from "src/context";
 import { useAccessLists } from "src/hooks";
 import { formatDateTime, intl, T } from "src/locale";
 
@@ -32,6 +33,7 @@ interface Props {
 	label?: string;
 }
 export function AccessField({ name = "accessListId", label = "access-list", id = "accessListId" }: Props) {
+	const { locale } = useLocaleState();
 	const { isLoading, isError, error, data } = useAccessLists(["owner", "items", "clients"]);
 	const { setFieldValue } = useFormikContext();
 
@@ -48,7 +50,7 @@ export function AccessField({ name = "accessListId", label = "access-list", id =
 				{
 					users: item?.items?.length,
 					rules: item?.clients?.length,
-					date: item?.createdOn ? formatDateTime(item?.createdOn) : "N/A",
+					date: item?.createdOn ? formatDateTime(item?.createdOn, locale) : "N/A",
 				},
 			),
 			icon: <IconLock size={14} className="text-lime" />,

frontend/src/components/Form/DNSProviderFields.tsx

@@ -5,7 +5,7 @@ import { useState } from "react";
 import Select, { type ActionMeta } from "react-select";
 import type { DNSProvider } from "src/api/backend";
 import { useDnsProviders } from "src/hooks";
-import { T } from "src/locale";
+import { intl, T } from "src/locale";
 import styles from "./DNSProviderFields.module.css";
 
 interface DNSProviderOption {
@@ -57,7 +57,7 @@ export function DNSProviderFields({ showBoundaryBox = false }: Props) {
 							id="dnsProvider"
 							closeMenuOnSelect={true}
 							isClearable={false}
-							placeholder="Select a Provider..."
+							placeholder={intl.formatMessage({ id: "certificates.dns.provider.placeholder" })}
 							isLoading={isLoading}
 							isSearchable
 							onChange={handleChange}
@@ -116,7 +116,7 @@ export function DNSProviderFields({ showBoundaryBox = false }: Props) {
 									type="number"
 									className="form-control"
 									min={0}
-									max={600}
+									max={7200}
 									{...field}
 								/>
 								<small className="text-muted">

frontend/src/components/Form/SSLCertificateField.tsx

@@ -2,6 +2,7 @@ import { IconShield } from "@tabler/icons-react";
 import { Field, useFormikContext } from "formik";
 import Select, { type ActionMeta, components, type OptionProps } from "react-select";
 import type { Certificate } from "src/api/backend";
+import { useLocaleState } from "src/context";
 import { useCertificates } from "src/hooks";
 import { formatDateTime, intl, T } from "src/locale";
 
@@ -41,6 +42,7 @@ export function SSLCertificateField({
 	allowNew,
 	forHttp = true,
 }: Props) {
+	const { locale } = useLocaleState();
 	const { isLoading, isError, error, data } = useCertificates();
 	const { values, setFieldValue } = useFormikContext();
 	const v: any = values || {};
@@ -75,7 +77,7 @@ export function SSLCertificateField({
 		data?.map((cert: Certificate) => ({
 			value: cert.id,
 			label: cert.niceName,
-			subLabel: `${cert.provider === "letsencrypt" ? intl.formatMessage({ id: "lets-encrypt" }) : cert.provider} — ${intl.formatMessage({ id: "expires.on" }, { date: cert.expiresOn ? formatDateTime(cert.expiresOn) : "N/A" })}`,
+			subLabel: `${cert.provider === "letsencrypt" ? intl.formatMessage({ id: "lets-encrypt" }) : cert.provider} — ${intl.formatMessage({ id: "expires.on" }, { date: cert.expiresOn ? formatDateTime(cert.expiresOn, locale) : "N/A" })}`,
 			icon: <IconShield size={14} className="text-pink" />,
 		})) || [];
 

frontend/src/components/LocalePicker.tsx

@@ -5,7 +5,11 @@ import { useTheme } from "src/hooks";
 import { changeLocale, getFlagCodeForLocale, localeOptions, T } from "src/locale";
 import styles from "./LocalePicker.module.css";
 
-function LocalePicker() {
+interface Props {
+	menuAlign?: "start" | "end";
+}
+
+function LocalePicker({ menuAlign = "start" }: Props) {
 	const { locale, setLocale } = useLocaleState();
 	const { getTheme } = useTheme();
 
@@ -23,22 +27,24 @@ function LocalePicker() {
 			<button type="button" className={cns} data-bs-toggle="dropdown">
 				<Flag countryCode={getFlagCodeForLocale(locale)} />
 			</button>
-			<div className="dropdown-menu">
-				{localeOptions.map((item) => {
-					return (
-						<a
-							className="dropdown-item"
-							href={`/locale/${item[0]}`}
-							key={`locale-${item[0]}`}
-							onClick={(e) => {
-								e.preventDefault();
-								changeTo(item[0]);
-							}}
-						>
-							<Flag countryCode={getFlagCodeForLocale(item[0])} /> <T id={`locale-${item[1]}`} />
-						</a>
-					);
+			<div
+				className={cn("dropdown-menu", {
+					"dropdown-menu-end": menuAlign === "end",
 				})}
+			>
+				{localeOptions.map((item: any) => (
+					<a
+						className="dropdown-item"
+						href={`/locale/${item[0]}`}
+						key={`locale-${item[0]}`}
+						onClick={(e) => {
+							e.preventDefault();
+							changeTo(item[0]);
+						}}
+					>
+						<Flag countryCode={getFlagCodeForLocale(item[0])} /> <T id={`locale-${item[1]}`} />
+					</a>
+				))}
 			</div>
 		</div>
 	);

frontend/src/components/SiteContainer.tsx

@@ -2,5 +2,5 @@ interface Props {
 	children: React.ReactNode;
 }
 export function SiteContainer({ children }: Props) {
-	return <div className="container-xl py-3">{children}</div>;
+	return <div className="container-xl py-3 min-w-0 overflow-x-auto">{children}</div>;
 }

frontend/src/components/SiteFooter.tsx

@@ -1,8 +1,9 @@
-import { useHealth } from "src/hooks";
+import { useCheckVersion, useHealth } from "src/hooks";
 import { T } from "src/locale";
 
 export function SiteFooter() {
 	const health = useHealth();
+	const { data: versionData } = useCheckVersion();
 
 	const getVersion = () => {
 		if (!health.data) {
@@ -55,6 +56,19 @@ export function SiteFooter() {
 									{getVersion()}{" "}
 								</a>
 							</li>
+							{versionData?.updateAvailable && versionData?.latest && (
+								<li className="list-inline-item">
+									<a
+										href={`https://github.com/NginxProxyManager/nginx-proxy-manager/releases/tag/${versionData.latest}`}
+										className="link-warning fw-bold"
+										target="_blank"
+										rel="noopener"
+										title={`New version ${versionData.latest} is available`}
+									>
+										<T id="update-available" data={{ latestVersion: versionData.latest }} />
+									</a>
+								</li>
+							)}
 						</ul>
 					</div>
 				</div>

frontend/src/components/SiteHeader.tsx

@@ -1,9 +1,9 @@
-import { IconLock, IconLogout, IconUser } from "@tabler/icons-react";
+import { IconLock, IconLogout, IconShieldLock, IconUser } from "@tabler/icons-react";
 import { LocalePicker, NavLink, ThemeSwitcher } from "src/components";
 import { useAuthState } from "src/context";
 import { useUser } from "src/hooks";
 import { T } from "src/locale";
-import { showChangePasswordModal, showUserModal } from "src/modals";
+import { showChangePasswordModal, showTwoFactorModal, showUserModal } from "src/modals";
 import styles from "./SiteHeader.module.css";
 
 export function SiteHeader() {
@@ -25,7 +25,7 @@ export function SiteHeader() {
 				>
 					<span className="navbar-toggler-icon" />
 				</button>
-				<div className="navbar-brand navbar-brand-autodark d-none-navbar-horizontal pe-0 pe-md-3">
+				<div className="navbar-brand navbar-brand-autodark pe-0 pe-md-3">
 					<NavLink to="/">
 						<div className={styles.logo}>
 							<img
@@ -48,11 +48,11 @@ export function SiteHeader() {
 							<ThemeSwitcher />
 						</div>
 					</div>
-					<div className="nav-item d-none d-md-flex me-3">
+					<div className="nav-item d-md-flex">
 						<div className="nav-item dropdown">
 							<a
 								href="/"
-								className="nav-link d-flex lh-1 p-0 px-2"
+								className="nav-link d-flex lh-1"
 								data-bs-toggle="dropdown"
 								aria-label="Open user menu"
 							>
@@ -70,6 +70,22 @@ export function SiteHeader() {
 								</div>
 							</a>
 							<div className="dropdown-menu dropdown-menu-end dropdown-menu-arrow">
+								<div className="d-md-none">
+									{/* biome-ignore lint/a11y/noStaticElementInteractions lint/a11y/useKeyWithClickEvents: This div is not interactive. */}
+									<div className="p-2 pb-1 pe-1 d-flex align-items-center" onClick={e => e.stopPropagation()}>
+										<div className="ps-2 pe-1 me-auto">
+											<div>{currentUser?.nickname}</div>
+											<div className="mt-1 small text-secondary text-nowrap">
+												<T id={isAdmin ? "role.admin" : "role.standard-user"} />
+											</div>
+										</div>
+										<div className="d-flex align-items-center">
+											<ThemeSwitcher className="me-n2" />
+											<LocalePicker menuAlign="end" />
+										</div>
+									</div>
+									<div className="dropdown-divider" />
+								</div>
 								<a
 									href="?"
 									className="dropdown-item"
@@ -92,6 +108,17 @@ export function SiteHeader() {
 									<IconLock width={18} />
 									<T id="user.change-password" />
 								</a>
+								<a
+									href="?"
+									className="dropdown-item"
+									onClick={(e) => {
+										e.preventDefault();
+										showTwoFactorModal("me");
+									}}
+								>
+									<IconShieldLock width={18} />
+									<T id="user.two-factor" />
+								</a>
 								<div className="dropdown-divider" />
 								<a
 									href="?"

frontend/src/components/SiteMenu.tsx

@@ -176,21 +176,17 @@ const getMenuDropown = (item: MenuItem, onClick?: () => void) => {
 };
 
 export function SiteMenu() {
-	// This is hacky AF. But that's the price of using a non-react UI kit.
-	const closeMenus = () => {
-		const navMenus = document.querySelectorAll(".nav-item.dropdown");
-		navMenus.forEach((menu) => {
-			menu.classList.remove("show");
-			const dropdown = menu.querySelector(".dropdown-menu");
-			if (dropdown) {
-				dropdown.classList.remove("show");
-			}
-		});
-	};
+	const closeMenu = () => setTimeout(() => {
+		const navbarToggler = document.querySelector<HTMLElement>(".navbar-toggler");
+		const navbarMenu = document.querySelector("#navbar-menu");
+		if (navbarToggler && navbarMenu?.classList.contains("show")) {
+			navbarToggler.click();
+		}
+	}, 300);
 
 	return (
 		<header className="navbar-expand-md">
-			<div className="collapse navbar-collapse"  id="navbar-menu">
+			<div className="collapse navbar-collapse" id="navbar-menu">
 				<div className="navbar">
 					<div className="container-xl">
 						<div className="row flex-column flex-md-row flex-fill align-items-center">
@@ -198,7 +194,7 @@ export function SiteMenu() {
 								<ul className="navbar-nav">
 									{menuItems.length > 0 &&
 										menuItems.map((item) => {
-											return getMenuItem(item, closeMenus);
+											return getMenuItem(item, closeMenu);
 										})}
 								</ul>
 							</div>

frontend/src/components/Table/Formatter/DateFormatter.tsx

@@ -1,5 +1,6 @@
 import cn from "classnames";
 import { differenceInDays, isPast } from "date-fns";
+import { useLocaleState } from "src/context";
 import { formatDateTime, parseDate } from "src/locale";
 
 interface Props {
@@ -8,6 +9,7 @@ interface Props {
 	highlistNearlyExpired?: boolean;
 }
 export function DateFormatter({ value, highlightPast, highlistNearlyExpired }: Props) {
+	const { locale } = useLocaleState();
 	const d = parseDate(value);
 	const dateIsPast = d ? isPast(d) : false;
 	const days = d ? differenceInDays(d, new Date()) : 0;
@@ -15,5 +17,5 @@ export function DateFormatter({ value, highlightPast, highlistNearlyExpired }: P
 		"text-danger": highlightPast && dateIsPast,
 		"text-warning": highlistNearlyExpired && !dateIsPast && days <= 30 && days >= 0,
 	});
-	return <span className={cl}>{formatDateTime(value)}</span>;
+	return <span className={cl}>{formatDateTime(value, locale)}</span>;
 }

frontend/src/components/Table/Formatter/DomainsFormatter.tsx

@@ -1,5 +1,6 @@
 import cn from "classnames";
 import type { ReactNode } from "react";
+import { useLocaleState } from "src/context";
 import { formatDateTime, T } from "src/locale";
 
 interface Props {
@@ -10,35 +11,44 @@ interface Props {
 	color?: string;
 }
 
-const DomainLink = ({ domain, color }: { domain: string; color?: string }) => {
+const DomainLink = ({ domain, color }: { domain?: string; color?: string }) => {
 	// when domain contains a wildcard, make the link go nowhere.
-	let onClick: ((e: React.MouseEvent) => void) | undefined;
-	if (domain.includes("*")) {
-		onClick = (e: React.MouseEvent) => e.preventDefault();
+	// Apparently the domain can be null or undefined sometimes.
+	// This try is just a safeguard to prevent the whole formatter from breaking.
+	if (!domain) return null;
+	try {
+		let onClick: ((e: React.MouseEvent) => void) | undefined;
+		if (domain.includes("*")) {
+			onClick = (e: React.MouseEvent) => e.preventDefault();
+		}
+		return (
+			<a
+				key={domain}
+				href={`http://${domain}`}
+				target="_blank"
+				onClick={onClick}
+				className={cn("badge", color ? `bg-${color}-lt` : null, "domain-name", "me-2")}
+			>
+				{domain}
+			</a>
+		);
+	} catch {
+		return null;
 	}
-	return (
-		<a
-			key={domain}
-			href={`http://${domain}`}
-			target="_blank"
-			onClick={onClick}
-			className={cn("badge", color ? `bg-${color}-lt` : null, "domain-name", "me-2")}
-		>
-			{domain}
-		</a>
-	);
 };
 
 export function DomainsFormatter({ domains, createdOn, niceName, provider, color }: Props) {
+	const { locale } = useLocaleState();
 	const elms: ReactNode[] = [];
-	if (domains.length === 0 && !niceName) {
+
+	if ((!domains || domains.length === 0) && !niceName) {
 		elms.push(
 			<span key="nice-name" className="badge bg-danger-lt me-2">
 				Unknown
 			</span>,
 		);
 	}
-	if (niceName && provider !== "letsencrypt") {
+	if (!domains || (niceName && provider !== "letsencrypt")) {
 		elms.push(
 			<span key="nice-name" className="badge bg-info-lt me-2">
 				{niceName}
@@ -46,14 +56,16 @@ export function DomainsFormatter({ domains, createdOn, niceName, provider, color
 		);
 	}
 
-	domains.map((domain: string) => elms.push(<DomainLink key={domain} domain={domain} color={color} />));
+	if (domains) {
+		domains.map((domain: string) => elms.push(<DomainLink key={domain} domain={domain} color={color} />));
+	}
 
 	return (
 		<div className="flex-fill">
 			<div className="font-weight-medium">{...elms}</div>
 			{createdOn ? (
 				<div className="text-secondary mt-1">
-					<T id="created-on" data={{ date: formatDateTime(createdOn) }} />
+					<T id="created-on" data={{ date: formatDateTime(createdOn, locale) }} />
 				</div>
 			) : null}
 		</div>

frontend/src/components/Table/Formatter/EventFormatter.tsx

@@ -1,6 +1,7 @@
 import { IconArrowsCross, IconBolt, IconBoltOff, IconDisc, IconLock, IconShield, IconUser } from "@tabler/icons-react";
 import cn from "classnames";
 import type { AuditLog } from "src/api/backend";
+import { useLocaleState } from "src/context";
 import { formatDateTime, T } from "src/locale";
 
 const getEventValue = (event: AuditLog) => {
@@ -66,6 +67,7 @@ interface Props {
 	row: AuditLog;
 }
 export function EventFormatter({ row }: Props) {
+	const { locale } = useLocaleState();
 	return (
 		<div className="flex-fill">
 			<div className="font-weight-medium">
@@ -73,7 +75,7 @@ export function EventFormatter({ row }: Props) {
 				<T id={`object.event.${row.action}`} tData={{ object: row.objectType }} />
 				&nbsp; &mdash; <span className="badge">{getEventValue(row)}</span>
 			</div>
-			<div className="text-secondary mt-1">{formatDateTime(row.createdOn)}</div>
+			<div className="text-secondary mt-1">{formatDateTime(row.createdOn, locale)}</div>
 		</div>
 	);
 }

frontend/src/components/Table/Formatter/ValueWithDateFormatter.tsx

@@ -1,3 +1,4 @@
+import { useLocaleState } from "src/context";
 import { formatDateTime, T } from "src/locale";
 
 interface Props {
@@ -6,6 +7,7 @@ interface Props {
 	disabled?: boolean;
 }
 export function ValueWithDateFormatter({ value, createdOn, disabled }: Props) {
+	const { locale } = useLocaleState();
 	return (
 		<div className="flex-fill">
 			<div className="font-weight-medium">
@@ -13,7 +15,7 @@ export function ValueWithDateFormatter({ value, createdOn, disabled }: Props) {
 			</div>
 			{createdOn ? (
 				<div className={`text-secondary mt-1 ${disabled ? "text-red" : ""}`}>
-					<T id={disabled ? "disabled" : "created-on"} data={{ date: formatDateTime(createdOn) }} />
+					<T id={disabled ? "disabled" : "created-on"} data={{ date: formatDateTime(createdOn, locale) }} />
 				</div>
 			) : null}
 		</div>

frontend/src/components/Table/TableLayout.tsx

@@ -12,10 +12,12 @@ interface TableLayoutProps<TFields> {
 function TableLayout<TFields>(props: TableLayoutProps<TFields>) {
 	const hasRows = props.tableInstance.getRowModel().rows.length > 0;
 	return (
-		<table className="table table-vcenter table-selectable mb-0">
-			{hasRows ? <TableHeader tableInstance={props.tableInstance} /> : null}
-			<TableBody {...props} />
-		</table>
+		<div className="table-responsive">
+			<table className="table table-vcenter table-selectable mb-0">
+				{hasRows ? <TableHeader tableInstance={props.tableInstance} /> : null}
+				<TableBody {...props} />
+			</table>
+		</div>
 	);
 }
 

frontend/src/context/AuthContext.tsx

@@ -1,13 +1,28 @@
 import { useQueryClient } from "@tanstack/react-query";
 import { createContext, type ReactNode, useContext, useState } from "react";
 import { useIntervalWhen } from "rooks";
-import { getToken, loginAsUser, refreshToken, type TokenResponse } from "src/api/backend";
+import {
+	getToken,
+	isTwoFactorChallenge,
+	loginAsUser,
+	refreshToken,
+	verify2FA,
+	type TokenResponse,
+} from "src/api/backend";
 import AuthStore from "src/modules/AuthStore";
 
+// 2FA challenge state
+export interface TwoFactorChallenge {
+	challengeToken: string;
+}
+
 // Context
 export interface AuthContextType {
 	authenticated: boolean;
+	twoFactorChallenge: TwoFactorChallenge | null;
 	login: (username: string, password: string) => Promise<void>;
+	verifyTwoFactor: (code: string) => Promise<void>;
+	cancelTwoFactor: () => void;
 	loginAs: (id: number) => Promise<void>;
 	logout: () => void;
 	token?: string;
@@ -24,17 +39,35 @@ interface Props {
 function AuthProvider({ children, tokenRefreshInterval = 5 * 60 * 1000 }: Props) {
 	const queryClient = useQueryClient();
 	const [authenticated, setAuthenticated] = useState(AuthStore.hasActiveToken());
+	const [twoFactorChallenge, setTwoFactorChallenge] = useState<TwoFactorChallenge | null>(null);
 
 	const handleTokenUpdate = (response: TokenResponse) => {
 		AuthStore.set(response);
 		setAuthenticated(true);
+		setTwoFactorChallenge(null);
 	};
 
 	const login = async (identity: string, secret: string) => {
 		const response = await getToken(identity, secret);
+		if (isTwoFactorChallenge(response)) {
+			setTwoFactorChallenge({ challengeToken: response.challengeToken });
+			return;
+		}
 		handleTokenUpdate(response);
 	};
 
+	const verifyTwoFactor = async (code: string) => {
+		if (!twoFactorChallenge) {
+			throw new Error("No 2FA challenge pending");
+		}
+		const response = await verify2FA(twoFactorChallenge.challengeToken, code);
+		handleTokenUpdate(response);
+	};
+
+	const cancelTwoFactor = () => {
+		setTwoFactorChallenge(null);
+	};
+
 	const loginAs = async (id: number) => {
 		const response = await loginAsUser(id);
 		AuthStore.add(response);
@@ -69,7 +102,15 @@ function AuthProvider({ children, tokenRefreshInterval = 5 * 60 * 1000 }: Props)
 		true,
 	);
 
-	const value = { authenticated, login, logout, loginAs };
+	const value = {
+		authenticated,
+		twoFactorChallenge,
+		login,
+		verifyTwoFactor,
+		cancelTwoFactor,
+		loginAs,
+		logout,
+	};
 
 	return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>;
 }

frontend/src/hooks/index.ts

@@ -4,6 +4,7 @@ export * from "./useAuditLog";
 export * from "./useAuditLogs";
 export * from "./useCertificate";
 export * from "./useCertificates";
+export * from "./useCheckVersion";
 export * from "./useDeadHost";
 export * from "./useDeadHosts";
 export * from "./useDnsProviders";

frontend/src/hooks/useCheckVersion.ts

@@ -0,0 +1,18 @@
+import { useQuery } from "@tanstack/react-query";
+import { checkVersion, type VersionCheckResponse } from "src/api/backend";
+
+const fetchVersion = () => checkVersion();
+
+const useCheckVersion = (options = {}) => {
+	return useQuery<VersionCheckResponse, Error>({
+		queryKey: ["version-check"],
+		queryFn: fetchVersion,
+		refetchOnWindowFocus: false,
+		retry: 5,
+		refetchInterval: 30 * 1000, // 30 seconds
+		staleTime: 5 * 60 * 1000, // 5 mins
+		...options,
+	});
+};
+
+export { fetchVersion, useCheckVersion };

frontend/src/locale/IntlProvider.tsx

@@ -2,75 +2,67 @@ import { createIntl, createIntlCache } from "react-intl";
 import langDe from "./lang/de.json";
 import langEn from "./lang/en.json";
 import langEs from "./lang/es.json";
+import langGa from "./lang/ga.json";
+import langIt from "./lang/it.json";
 import langJa from "./lang/ja.json";
 import langList from "./lang/lang-list.json";
+import langNl from "./lang/nl.json";
+import langPl from "./lang/pl.json";
 import langRu from "./lang/ru.json";
 import langSk from "./lang/sk.json";
+import langVi from "./lang/vi.json";
 import langZh from "./lang/zh.json";
-import langPl from "./lang/pl.json";
+import langKo from "./lang/ko.json";
+import langBg from "./lang/bg.json";
+import langId from "./lang/id.json";
 
 // first item of each array should be the language code,
 // not the country code
 // Remember when adding to this list, also update check-locales.js script
 const localeOptions = [
-	["en", "en-US"],
-	["de", "de-DE"],
-	["es", "es-ES"],
-	["ja", "ja-JP"],
-	["ru", "ru-RU"],
-	["sk", "sk-SK"],
-	["zh", "zh-CN"],
-	["pl", "pl-PL"],
+	["en", "en-US", langEn],
+	["de", "de-DE", langDe],
+	["es", "es-ES", langEs],
+	["ga", "ga-IE", langGa],
+	["ja", "ja-JP", langJa],
+	["it", "it-IT", langIt],
+	["nl", "nl-NL", langNl],
+	["pl", "pl-PL", langPl],
+	["ru", "ru-RU", langRu],
+	["sk", "sk-SK", langSk],
+	["vi", "vi-VN", langVi],
+	["zh", "zh-CN", langZh],
+	["ko", "ko-KR", langKo],
+	["bg", "bg-BG", langBg],
+	["id", "id-ID", langId],
 ];
 
 const loadMessages = (locale?: string): typeof langList & typeof langEn => {
-	const thisLocale = locale || "en";
-	switch (thisLocale.slice(0, 2)) {
-		case "de":
-			return Object.assign({}, langList, langEn, langDe);
-		case "es":
-			return Object.assign({}, langList, langEn, langEs);
-		case "ja":
-			return Object.assign({}, langList, langEn, langJa);
-		case "ru":
-			return Object.assign({}, langList, langEn, langRu);
-		case "sk":
-			return Object.assign({}, langList, langEn, langSk);
-		case "zh":
-			return Object.assign({}, langList, langEn, langZh);
-		case "pl":
-			return Object.assign({}, langList, langEn, langPl);
-		default:
-			return Object.assign({}, langList, langEn);
+	const thisLocale = (locale || "en").slice(0, 2);
+
+	// ensure this lang exists in localeOptions above, otherwise fallback to en
+	if (thisLocale === "en" || !localeOptions.some(([code]) => code === thisLocale)) {
+		return Object.assign({}, langList, langEn);
 	}
+
+	return Object.assign({}, langList, langEn, localeOptions.find(([code]) => code === thisLocale)?.[2]);
 };
 
 const getFlagCodeForLocale = (locale?: string) => {
-	switch (locale) {
-		case "es-ES":
-		case "es":
-			return "ES";
-		case "de-DE":
-		case "de":
-			return "DE";
-		case "ja-JP":
-		case "ja":
-			return "JP";
-		case "ru-RU":
-		case "ru":
-			return "RU";
-		case "sk-SK":
-		case "sk":
-			return "SK";
-		case "zh":
-		case "zh-CN":
-			return "CN";
-		case "pl":
-		case "pl-PL":
-			return "PL";
-		default:
-			return "EN";
+	const thisLocale = (locale || "en").slice(0, 2);
+
+	// only add to this if your flag is different from the locale code
+	const specialCases: Record<string, string> = {
+		ja: "jp", // Japan
+		zh: "cn", // China
+		vi: "vn", // Vietnam
+		ko: "kr", // Korea
+	};
+
+	if (specialCases[thisLocale]) {
+		return specialCases[thisLocale].toUpperCase();
 	}
+	return thisLocale.toUpperCase();
 };
 
 const getLocale = (short = false) => {
@@ -131,4 +123,6 @@ const T = ({
 	);
 };
 
+console.log("L:", localeOptions);
+
 export { localeOptions, getFlagCodeForLocale, getLocale, createIntl, changeLocale, intl, T };

frontend/src/locale/README.md

@@ -39,8 +39,10 @@ not be complete by the time you're reading this:
 
 - frontend/src/locale/src/[yourlang].json
 - frontend/src/locale/src/lang-list.json
-- frontend/src/locale/src/HelpDoc/*
+- frontend/src/locale/src/HelpDoc/[yourlang]/*
+- frontend/src/locale/src/HelpDoc/index.tsx
 - frontend/src/locale/IntlProvider.tsx
+- frontend/check-locales.cjs
 
 
 ## Checking for missing translations in languages

frontend/src/locale/Utils.test.tsx

@@ -39,19 +39,19 @@ describe("DateFormatter", () => {
 	it("format date from iso date", () => {
 		const value = "2024-01-01T00:00:00.000Z";
 		const text = formatDateTime(value);
-		expect(text).toBe("Monday, 01/01/2024, 12:00:00 am");
+		expect(text).toBe("1 Jan 2024, 12:00:00 am");
 	});
 
 	it("format date from unix timestamp number", () => {
 		const value = 1762476112;
 		const text = formatDateTime(value);
-		expect(text).toBe("Friday, 07/11/2025, 12:41:52 am");
+		expect(text).toBe("7 Nov 2025, 12:41:52 am");
 	});
 
 	it("format date from unix timestamp string", () => {
 		const value = "1762476112";
 		const text = formatDateTime(value);
-		expect(text).toBe("Friday, 07/11/2025, 12:41:52 am");
+		expect(text).toBe("7 Nov 2025, 12:41:52 am");
 	});
 
 	it("catch bad format from string", () => {

frontend/src/locale/Utils.ts

@@ -1,4 +1,9 @@
-import { fromUnixTime, intlFormat, parseISO } from "date-fns";
+import {
+	fromUnixTime,
+	type IntlFormatFormatOptions,
+	intlFormat,
+	parseISO,
+} from "date-fns";
 
 const isUnixTimestamp = (value: unknown): boolean => {
 	if (typeof value !== "number" && typeof value !== "string") return false;
@@ -20,20 +25,19 @@ const parseDate = (value: string | number): Date | null => {
 	}
 };
 
-const formatDateTime = (value: string | number): string => {
+const formatDateTime = (value: string | number, locale = "en-US"): string => {
 	const d = parseDate(value);
 	if (!d) return `${value}`;
 	try {
-		return intlFormat(d, {
-			weekday: "long",
-			year: "numeric",
-			month: "numeric",
-			day: "numeric",
-			hour: "numeric",
-			minute: "numeric",
-			second: "numeric",
-			hour12: true,
-		});
+		return intlFormat(
+			d,
+			{
+				dateStyle: "medium",
+				timeStyle: "medium",
+				hourCycle: "h12",
+			} as IntlFormatFormatOptions,
+			{ locale },
+		);
 	} catch {
 		return `${value}`;
 	}

frontend/src/locale/lang/de.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "Zugriffsliste",
-  "access-list.access-count": "{count} {count, plural, one {Regel} other {Regeln}}",
-  "access-list.auth-count": "{count} {count, plural, one {User} other {Users}}",
-  "access-list.help-rules-last": "Wenn mindestens eine Regel vorhanden ist, wird diese Regel zum Ablehnen aller Anfragen als letzte hinzugefügt.",
-  "access-list.help.rules-order": "Beachten Sie, dass die Anweisungen „Erlauben“ und „Verbieten“ in der Reihenfolge ihrer Definition angewendet werden.",
-  "access-list.pass-auth": "Authentifizierung an Upstream weiterleiten",
-  "access-list.public": "Öffentlich",
-  "access-list.public.subtitle": "Keine Authentifizierung erforderlich",
-  "access-list.satisfy-any": "Satisfy Any",
-  "access-list.subtitle": "{users} {users, plural, one {User} other {Users}}, {rules} {rules, plural, one {Regel} other {Regeln}} - Erstellt: {date}",
-  "access-lists": "Zugrifflisten",
-  "action.add": "Hinzufügen",
-  "action.add-location": "Pfad Hinzufügen",
-  "action.close": "Schließen",
-  "action.delete": "Löschen",
-  "action.disable": "Deaktivieren",
-  "action.download": "Herunterladen",
-  "action.edit": "Bearbeiten",
-  "action.enable": "Aktivieren",
-  "action.permissions": "Berechtigungen",
-  "action.renew": "Erneuert",
-  "action.view-details": "Details",
-  "auditlogs": "Protokoll",
-  "cancel": "Abbrechen",
-  "certificate": "Zertifikat",
-  "certificate.custom-certificate": "Zertifikat",
-  "certificate.custom-certificate-key": "Privater Schlüssel",
-  "certificate.custom-intermediate": "Zwischen Zertifikat",
-  "certificate.in-use": "In Benutzung",
-  "certificate.none.subtitle": "Kein Zertifikat zugewiesen",
-  "certificate.none.subtitle.for-http": "Dieser Host verwendet kein HTTPS.",
-  "certificate.none.title": "Kein",
-  "certificate.not-in-use": "Nicht in Benutzung",
-  "certificate.renew": "Zertifikat erneuern",
-  "certificates": "Zertifikate",
-  "certificates.custom": "Benutzerdefiniertes Zertifikat",
-  "certificates.custom.warning": "Mit einem Passwort geschützte Schlüsseldateien werden nicht unterstützt.",
-  "certificates.dns.credentials": "Inhalt der Anmeldedaten-Datei",
-  "certificates.dns.credentials-note": "Dieses Plugin erfordert eine Konfigurationsdatei, die einen API-Token oder andere Anmeldedaten für Ihren Anbieter enthält.",
-  "certificates.dns.credentials-warning": "Diese Daten werden als Klartext in der Datenbank und in einer Datei gespeichert!",
-  "certificates.dns.propagation-seconds": "Wartzeit in Sekunden",
-  "certificates.dns.propagation-seconds-note": "Leer lassen um die Standardwartezeit des Plugins zu nutzen",
-  "certificates.dns.provider": "DNS Provider",
-  "certificates.dns.warning": "Dieser Abschnitt erfordert einige Kenntnisse über Certbot und seine DNS-Plugins. Bitte konsultieren Sie die jeweilige Plugin-Dokumentation.",
-  "certificates.http.reachability-404": "Unter dieser Domain wurde ein Server gefunden, aber es scheint sich nicht um Nginx Proxy Manager zu handeln. Bitte stellen Sie sicher, dass Ihre Domain auf die IP-Adresse verweist, unter der Ihre NPM-Instanz ausgeführt wird.",
-  "certificates.http.reachability-failed-to-check": "Die Erreichbarkeit konnte aufgrund eines Kommunikationsfehlers mit site24x7.com nicht überprüft werden.",
-  "certificates.http.reachability-not-resolved": "Unter dieser Domain ist kein Server verfügbar. Bitte stellen Sie sicher, dass Ihre Domain existiert und auf die IP-Adresse verweist, unter der Ihre NPM-Instanz läuft, und dass gegebenenfalls Port 80 in Ihrem Router weitergeleitet wird.",
-  "certificates.http.reachability-ok": "Ihr Server ist erreichbar und die Erstellung von Zertifikaten sollte möglich sein.",
-  "certificates.http.reachability-other": "Unter dieser Domain wurde ein Server gefunden, der jedoch einen unerwarteten Statuscode {code} zurückgegeben hat. Handelt es sich um den NPM-Server? Bitte stellen Sie sicher, dass Ihre Domain auf die IP-Adresse verweist, unter der Ihre NPM-Instanz ausgeführt wird.",
-  "certificates.http.reachability-wrong-data": "Unter dieser Domain wurde ein Server gefunden, der jedoch unerwartete Daten zurückgegeben hat. Handelt es sich um den NPM-Server? Bitte stellen Sie sicher, dass Ihre Domain auf die IP-Adresse verweist, unter der Ihre NPM-Instanz ausgeführt wird.",
-  "certificates.http.test-results": "Test Ergeniss",
-  "certificates.http.warning": "Diese Domänen müssen bereits so konfiguriert sein, dass sie auf diese Installation verweisen.",
-  "certificates.request.subtitle": "Über Let's Encrypt",
-  "certificates.request.title": "Anfordern eines neuen Zertifikates",
-  "column.access": "Zugriff",
-  "column.authorization": "Genehmigung",
-  "column.authorizations": "Genehmigungen",
-  "column.custom-locations": "Benutzerdefinierte Pfad",
-  "column.destination": "Ziel",
-  "column.details": "Details",
-  "column.email": "Email",
-  "column.event": "Ereignis",
-  "column.expires": "Verfällt am",
-  "column.http-code": "HTTP Code",
-  "column.incoming-port": "Eingehender Port",
-  "column.name": "Name",
-  "column.protocol": "Protokoll",
-  "column.provider": "Provider",
-  "column.roles": "Rollen",
-  "column.rules": "Regeln",
-  "column.satisfy": "Satisfy",
-  "column.satisfy-all": "Alle",
-  "column.satisfy-any": "Jeder",
-  "column.scheme": "Schema",
-  "column.source": "Quelle",
-  "column.ssl": "SSL",
-  "column.status": "Status",
-  "created-on": "Erstelldatum: {date}",
-  "dashboard": "Dashboard",
-  "dead-host": "404 Host",
-  "dead-hosts": "404 Hosts",
-  "dead-hosts.count": "{count} {count, plural, one {404 Host} other {404 Hosts}}",
-  "disabled": "Deaktiviert",
-  "domain-names": "Domain Names",
-  "domain-names.max": "{count} Maximale Anzahl von Domainnamen",
-  "domain-names.placeholder": "Eintragen der Domain...",
-  "domain-names.wildcards-not-permitted": "Wildcards sind für diesen Typ nicht zulässig.",
-  "domain-names.wildcards-not-supported": "Wildcards werden für diese Zertifizierungsstelle nicht unterstützt.",
-  "domains.force-ssl": "Erzwinge SSL",
-  "domains.hsts-enabled": "HSTS aktiviert",
-  "domains.hsts-subdomains": "HSTS Sub-domains",
-  "domains.http2-support": "HTTP/2 Support",
-  "domains.use-dns": "Nutze DNS Challenge",
-  "email-address": "Email Addresse",
-  "empty-search": "Keine Ergebnisse gefunden",
-  "empty-subtitle": "Warum erstellen Sie nicht eine?",
-  "enabled": "aktiviert",
-  "error.access.at-least-one": "Entweder eine Genehmigung oder eine Zugriffsregel ist erforderlich.",
-  "error.access.duplicate-usernames": "Autorisierung Benutzernamen müssen eindeutig sein",
-  "error.invalid-auth": "Ungültige E-Mail-Adresse oder Passwort",
-  "error.invalid-domain": "Ungültige Domain: {domain}",
-  "error.invalid-email": "Ungültige E-Mail-Adresse",
-  "error.max-character-length": "Die maximale Länge beträgt {max} Zeichen{max, plural, one {} other {s}}",
-  "error.max-domains": "Zu viele Domains, maximal sind {max}",
-  "error.maximum": "Maximum ist {max}",
-  "error.min-character-length": "Die minimale Länge beträgt {min} Zeichen{min, plural, one {} other {s}}",
-  "error.minimum": "Minimum ist {min}",
-  "error.passwords-must-match": "Passwörter müssen übereinstimmen",
-  "error.required": "Dies ist erforderlich.",
-  "expires.on": "Ablauf am: {date}",
-  "footer.github-fork": "Fork me on Github",
-  "host.flags.block-exploits": "Gängige Exploits blockieren",
-  "host.flags.cache-assets": "Cache Assets",
-  "host.flags.preserve-path": "Pfad beibehalten",
-  "host.flags.protocols": "Protokole",
-  "host.flags.websockets-upgrade": "Websockets Support",
-  "host.forward-port": "Forward Port",
-  "host.forward-scheme": "Schema",
-  "hosts": "Hosts",
-  "http-only": "HTTP Only",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt via DNS",
-  "lets-encrypt-via-http": "Let's Encrypt via HTTP",
-  "loading": "Laden…",
-  "login.title": "Account Login",
-  "nginx-config.label": "Benutzerdefinierte Nginx Konfiguration",
-  "nginx-config.placeholder": "# Geben Sie hier Ihre benutzerdefinierte Nginx-Konfiguration auf eigene Gefahr ein!",
-  "no-permission-error": "Sie haben keinen Zugriff, um dies anzuzeigen.",
-  "notfound.action": "Take me home",
-  "notfound.content": "We are sorry but the page you are looking for was not found",
-  "notfound.title": "Oops… You just found an error page",
-  "notification.error": "Error",
-  "notification.object-deleted": "{object} wurde gelöscht",
-  "notification.object-disabled": "{object} wurde deaktiviert",
-  "notification.object-enabled": "{object} wurde aktiviert",
-  "notification.object-renewed": "{object} wurde erneuert",
-  "notification.object-saved": "{object} wurde gespeichert",
-  "notification.success": "Erfolgreich",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "{object} hinzufügen",
-  "object.delete": "{object} löschen",
-  "object.delete.content": "{object} wirklich löschen?",
-  "object.edit": "{object} bearbeiten",
-  "object.empty": "Keine {objects} vorhanden",
-  "object.event.created": "{object} erstellt",
-  "object.event.deleted": "{object} gelöscht",
-  "object.event.disabled": "{object} deaktiviert",
-  "object.event.enabled": "{object} aktiviert",
-  "object.event.renewed": "{object} erneuert",
-  "object.event.updated": "{object} aktualisiert",
-  "offline": "Offline",
-  "online": "Online",
-  "options": "Optionen",
-  "password": "Passwort",
-  "password.generate": "Zufälliges Passwort generieren",
-  "password.hide": "Passwort verstecken",
-  "password.show": "Passwort anzeigen",
-  "permissions.hidden": "Versteckt",
-  "permissions.manage": "Verwalten",
-  "permissions.view": "Nur anzeigen",
-  "permissions.visibility.all": "Alle Elemente",
-  "permissions.visibility.title": "Objekt Sichtbarkeit",
-  "permissions.visibility.user": "Nur erstellte Elemente",
-  "proxy-host": "Proxy Host",
-  "proxy-host.forward-host": "Forward Hostname / IP",
-  "proxy-hosts": "Proxy Hosts",
-  "proxy-hosts.count": "{count} {count, plural, one {Proxy Host} other {Proxy Hosts}}",
-  "public": "Öffentlich",
-  "redirection-host": "Redirection Host",
-  "redirection-host.forward-domain": "Forward Domain",
-  "redirection-host.forward-http-code": "HTTP Code",
-  "redirection-hosts": "Redirection Hosts",
-  "redirection-hosts.count": "{count} {count, plural, one {Redirection Host} other {Redirection Hosts}}",
-  "role.admin": "Administrator",
-  "role.standard-user": "Standard User",
-  "save": "Speichern",
-  "setting": "Einstellung",
-  "settings": "Einstellungen",
-  "settings.default-site": "Standard Seite",
-  "settings.default-site.404": "404 Page",
-  "settings.default-site.444": "No Response (444)",
-  "settings.default-site.congratulations": "Willkommensseite",
-  "settings.default-site.description": "Was angezeigt wird, wenn der Nginx eine unbekannte Webseitenanfrage bekommt",
-  "settings.default-site.html": "Benutzerdefinierte HTML",
-  "settings.default-site.html.placeholder": "<!-- Geben Sie hier Ihren benutzerdefinierten HTML-Inhalt ein. -->",
-  "settings.default-site.redirect": "Weiterleitung",
-  "setup.preamble": "Beginnen Sie mit der Erstellung Ihres Administratorkontos.",
-  "setup.title": "Willkommen!",
-  "sign-in": "Login",
-  "ssl-certificate": "SSL Zertifikate",
-  "stream": "Stream",
-  "stream.forward-host": "Forward Host",
-  "stream.incoming-port": "Incoming Port",
-  "streams": "Streams",
-  "streams.count": "{count} {count, plural, one {Stream} other {Streams}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Test",
-  "user": "User",
-  "user.change-password": "Passwort ändern",
-  "user.confirm-password": "Passwort wiederholen",
-  "user.current-password": "Aktuelles Passwort",
-  "user.edit-profile": "Profil bearbeiten",
-  "user.full-name": "Name",
-  "user.login-as": "Einloggen als {name}",
-  "user.logout": "Ausloggen",
-  "user.new-password": "Neues Password",
-  "user.nickname": "Nickname",
-  "user.set-password": "Passwort setzen",
-  "user.set-permissions": "Berechtigungen für {name} setzen",
-  "user.switch-dark": "Zum Dark Mode wechseln",
-  "user.switch-light": "Zum Light Mode wechslen",
-  "username": "Benutzername",
-  "users": "Benutzer"
-}

frontend/src/locale/lang/en.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "Access List",
-  "access-list.access-count": "{count} {count, plural, one {Rule} other {Rules}}",
-  "access-list.auth-count": "{count} {count, plural, one {User} other {Users}}",
-  "access-list.help-rules-last": "When at least 1 rule exists, this deny all rule will be added last",
-  "access-list.help.rules-order": "Note that the allow and deny directives will be applied in the order they are defined.",
-  "access-list.pass-auth": "Pass Auth to Upstream",
-  "access-list.public": "Publicly Accessible",
-  "access-list.public.subtitle": "No basic auth required",
-  "access-list.satisfy-any": "Satisfy Any",
-  "access-list.subtitle": "{users} {users, plural, one {User} other {Users}}, {rules} {rules, plural, one {Rule} other {Rules}} - Created: {date}",
-  "access-lists": "Access Lists",
-  "action.add": "Add",
-  "action.add-location": "Add Location",
-  "action.close": "Close",
-  "action.delete": "Delete",
-  "action.disable": "Disable",
-  "action.download": "Download",
-  "action.edit": "Edit",
-  "action.enable": "Enable",
-  "action.permissions": "Permissions",
-  "action.renew": "Renew",
-  "action.view-details": "View Details",
-  "auditlogs": "Audit Logs",
-  "cancel": "Cancel",
-  "certificate": "Certificate",
-  "certificate.custom-certificate": "Certificate",
-  "certificate.custom-certificate-key": "Certificate Key",
-  "certificate.custom-intermediate": "Intermediate Certificate",
-  "certificate.in-use": "In Use",
-  "certificate.none.subtitle": "No certificate assigned",
-  "certificate.none.subtitle.for-http": "This host will not use HTTPS",
-  "certificate.none.title": "None",
-  "certificate.not-in-use": "Not Used",
-  "certificate.renew": "Renew Certificate",
-  "certificates": "Certificates",
-  "certificates.custom": "Custom Certificate",
-  "certificates.custom.warning": "Key files protected with a passphrase are not supported.",
-  "certificates.dns.credentials": "Credentials File Content",
-  "certificates.dns.credentials-note": "This plugin requires a configuration file containing an API token or other credentials for your provider",
-  "certificates.dns.credentials-warning": "This data will be stored as plaintext in the database and in a file!",
-  "certificates.dns.propagation-seconds": "Propagation Seconds",
-  "certificates.dns.propagation-seconds-note": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.",
-  "certificates.dns.provider": "DNS Provider",
-  "certificates.dns.warning": "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation.",
-  "certificates.http.reachability-404": "There is a server found at this domain but it does not seem to be Nginx Proxy Manager. Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.reachability-failed-to-check": "Failed to check the reachability due to a communication error with site24x7.com.",
-  "certificates.http.reachability-not-resolved": "There is no server available at this domain. Please make sure your domain exists and points to the IP where your NPM instance is running and if necessary port 80 is forwarded in your router.",
-  "certificates.http.reachability-ok": "Your server is reachable and creating certificates should be possible.",
-  "certificates.http.reachability-other": "There is a server found at this domain but it returned an unexpected status code {code}. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.reachability-wrong-data": "There is a server found at this domain but it returned an unexpected data. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.test-results": "Test Results",
-  "certificates.http.warning": "These domains must be already configured to point to this installation.",
-  "certificates.request.subtitle": "with Let's Encrypt",
-  "certificates.request.title": "Request a new Certificate",
-  "column.access": "Access",
-  "column.authorization": "Authorization",
-  "column.authorizations": "Authorizations",
-  "column.custom-locations": "Custom Locations",
-  "column.destination": "Destination",
-  "column.details": "Details",
-  "column.email": "Email",
-  "column.event": "Event",
-  "column.expires": "Expires",
-  "column.http-code": "HTTP Code",
-  "column.incoming-port": "Incoming Port",
-  "column.name": "Name",
-  "column.protocol": "Protocol",
-  "column.provider": "Provider",
-  "column.roles": "Roles",
-  "column.rules": "Rules",
-  "column.satisfy": "Satisfy",
-  "column.satisfy-all": "All",
-  "column.satisfy-any": "Any",
-  "column.scheme": "Scheme",
-  "column.source": "Source",
-  "column.ssl": "SSL",
-  "column.status": "Status",
-  "created-on": "Created: {date}",
-  "dashboard": "Dashboard",
-  "dead-host": "404 Host",
-  "dead-hosts": "404 Hosts",
-  "dead-hosts.count": "{count} {count, plural, one {404 Host} other {404 Hosts}}",
-  "disabled": "Disabled",
-  "domain-names": "Domain Names",
-  "domain-names.max": "{count} domain names maximum",
-  "domain-names.placeholder": "Start typing to add domain...",
-  "domain-names.wildcards-not-permitted": "Wildcards not permitted for this type",
-  "domain-names.wildcards-not-supported": "Wildcards not supported for this CA",
-  "domains.force-ssl": "Force SSL",
-  "domains.hsts-enabled": "HSTS Enabled",
-  "domains.hsts-subdomains": "HSTS Sub-domains",
-  "domains.http2-support": "HTTP/2 Support",
-  "domains.use-dns": "Use DNS Challenge",
-  "email-address": "Email address",
-  "empty-search": "No results found",
-  "empty-subtitle": "Why don't you create one?",
-  "enabled": "Enabled",
-  "error.access.at-least-one": "Either one Authorization or one Access Rule is required",
-  "error.access.duplicate-usernames": "Authorization Usernames must be unique",
-  "error.invalid-auth": "Invalid email or password",
-  "error.invalid-domain": "Invalid domain: {domain}",
-  "error.invalid-email": "Invalid email address",
-  "error.max-character-length": "Maximum length is {max} character{max, plural, one {} other {s}}",
-  "error.max-domains": "Too many domains, max is {max}",
-  "error.maximum": "Maximum is {max}",
-  "error.min-character-length": "Minimum length is {min} character{min, plural, one {} other {s}}",
-  "error.minimum": "Minimum is {min}",
-  "error.passwords-must-match": "Passwords must match",
-  "error.required": "This is required",
-  "expires.on": "Expires: {date}",
-  "footer.github-fork": "Fork me on Github",
-  "host.flags.block-exploits": "Block Common Exploits",
-  "host.flags.cache-assets": "Cache Assets",
-  "host.flags.preserve-path": "Preserve Path",
-  "host.flags.protocols": "Protocols",
-  "host.flags.websockets-upgrade": "Websockets Support",
-  "host.forward-port": "Forward Port",
-  "host.forward-scheme": "Scheme",
-  "hosts": "Hosts",
-  "http-only": "HTTP Only",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt via DNS",
-  "lets-encrypt-via-http": "Let's Encrypt via HTTP",
-  "loading": "Loading…",
-  "login.title": "Login to your account",
-  "nginx-config.label": "Custom Nginx Configuration",
-  "nginx-config.placeholder": "# Enter your custom Nginx configuration here at your own risk!",
-  "no-permission-error": "You do not have access to view this.",
-  "notfound.action": "Take me home",
-  "notfound.content": "We are sorry but the page you are looking for was not found",
-  "notfound.title": "Oops… You just found an error page",
-  "notification.error": "Error",
-  "notification.object-deleted": "{object} has been deleted",
-  "notification.object-disabled": "{object} has been disabled",
-  "notification.object-enabled": "{object} has been enabled",
-  "notification.object-renewed": "{object} has been renewed",
-  "notification.object-saved": "{object} has been saved",
-  "notification.success": "Success",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "Add {object}",
-  "object.delete": "Delete {object}",
-  "object.delete.content": "Are you sure you want to delete this {object}?",
-  "object.edit": "Edit {object}",
-  "object.empty": "There are no {objects}",
-  "object.event.created": "Created {object}",
-  "object.event.deleted": "Deleted {object}",
-  "object.event.disabled": "Disabled {object}",
-  "object.event.enabled": "Enabled {object}",
-  "object.event.renewed": "Renewed {object}",
-  "object.event.updated": "Updated {object}",
-  "offline": "Offline",
-  "online": "Online",
-  "options": "Options",
-  "password": "Password",
-  "password.generate": "Generate random password",
-  "password.hide": "Hide Password",
-  "password.show": "Show Password",
-  "permissions.hidden": "Hidden",
-  "permissions.manage": "Manage",
-  "permissions.view": "View Only",
-  "permissions.visibility.all": "All Items",
-  "permissions.visibility.title": "Item Visibility",
-  "permissions.visibility.user": "Created Items Only",
-  "proxy-host": "Proxy Host",
-  "proxy-host.forward-host": "Forward Hostname / IP",
-  "proxy-hosts": "Proxy Hosts",
-  "proxy-hosts.count": "{count} {count, plural, one {Proxy Host} other {Proxy Hosts}}",
-  "public": "Public",
-  "redirection-host": "Redirection Host",
-  "redirection-host.forward-domain": "Forward Domain",
-  "redirection-host.forward-http-code": "HTTP Code",
-  "redirection-hosts": "Redirection Hosts",
-  "redirection-hosts.count": "{count} {count, plural, one {Redirection Host} other {Redirection Hosts}}",
-  "role.admin": "Administrator",
-  "role.standard-user": "Standard User",
-  "save": "Save",
-  "setting": "Setting",
-  "settings": "Settings",
-  "settings.default-site": "Default Site",
-  "settings.default-site.404": "404 Page",
-  "settings.default-site.444": "No Response (444)",
-  "settings.default-site.congratulations": "Congratulations Page",
-  "settings.default-site.description": "What to show when Nginx is hit with an unknown Host",
-  "settings.default-site.html": "Custom HTML",
-  "settings.default-site.html.placeholder": "<!-- Enter your custom HTML content here -->",
-  "settings.default-site.redirect": "Redirect",
-  "setup.preamble": "Get started by creating your admin account.",
-  "setup.title": "Welcome!",
-  "sign-in": "Sign in",
-  "ssl-certificate": "SSL Certificate",
-  "stream": "Stream",
-  "stream.forward-host": "Forward Host",
-  "stream.incoming-port": "Incoming Port",
-  "streams": "Streams",
-  "streams.count": "{count} {count, plural, one {Stream} other {Streams}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Test",
-  "user": "User",
-  "user.change-password": "Change Password",
-  "user.confirm-password": "Confirm Password",
-  "user.current-password": "Current Password",
-  "user.edit-profile": "Edit Profile",
-  "user.full-name": "Full Name",
-  "user.login-as": "Sign in as {name}",
-  "user.logout": "Logout",
-  "user.new-password": "New Password",
-  "user.nickname": "Nickname",
-  "user.set-password": "Set Password",
-  "user.set-permissions": "Set Permissions for {name}",
-  "user.switch-dark": "Switch to Dark mode",
-  "user.switch-light": "Switch to Light mode",
-  "username": "Username",
-  "users": "Users"
-}

frontend/src/locale/lang/es.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "Lista de Acceso",
-  "access-list.access-count": "{count} {count, plural, one {Regla} other {Reglas}}",
-  "access-list.auth-count": "{count} {count, plural, one {Usuario} other {Usuarios}}",
-  "access-list.help-rules-last": "Cuando exista al menos 1 regla, esta regla de denegar todo se añadirá al final",
-  "access-list.help.rules-order": "Ten en cuenta que las directivas de permitir y denegar se aplicarán en el orden en que estén definidas.",
-  "access-list.pass-auth": "Pasar Autenticación al Upstream",
-  "access-list.public": "Accesible Públicamente",
-  "access-list.public.subtitle": "No se requiere autenticación básica",
-  "access-list.satisfy-any": "Satisfacer Cualquiera",
-  "access-list.subtitle": "{users} {users, plural, one {Usuario} other {Usuarios}}, {rules} {rules, plural, one {Regla} other {Reglas}} - Creado: {date}",
-  "access-lists": "Listas de Acceso",
-  "action.add": "Añadir",
-  "action.add-location": "Añadir Ubicación",
-  "action.close": "Cerrar",
-  "action.delete": "Eliminar",
-  "action.disable": "Deshabilitar",
-  "action.download": "Descargar",
-  "action.edit": "Editar",
-  "action.enable": "Habilitar",
-  "action.permissions": "Permisos",
-  "action.renew": "Renovar",
-  "action.view-details": "Ver Detalles",
-  "auditlogs": "Registros de Auditoría",
-  "cancel": "Cancelar",
-  "certificate": "Certificado",
-  "certificate.custom-certificate": "Certificado",
-  "certificate.custom-certificate-key": "Clave del Certificado",
-  "certificate.custom-intermediate": "Certificado Intermedio",
-  "certificate.in-use": "En Uso",
-  "certificate.none.subtitle": "Sin certificado asignado",
-  "certificate.none.subtitle.for-http": "Este host no usará HTTPS",
-  "certificate.none.title": "Ninguno",
-  "certificate.not-in-use": "Sin Usar",
-  "certificate.renew": "Renovar Certificado",
-  "certificates": "Certificados",
-  "certificates.custom": "Certificado Personalizado",
-  "certificates.custom.warning": "No se admiten archivos de claves protegidos con contraseña.",
-  "certificates.dns.credentials": "Contenido del Archivo de Credenciales",
-  "certificates.dns.credentials-note": "Este plugin requiere un archivo de configuración que contenga un token de API u otras credenciales para tu proveedor",
-  "certificates.dns.credentials-warning": "¡Estos datos se almacenarán como texto plano en la base de datos y en un archivo!",
-  "certificates.dns.propagation-seconds": "Segundos de Propagación",
-  "certificates.dns.propagation-seconds-note": "Dejar vacío para usar el valor predeterminado del plugin. Número de segundos a esperar para la propagación DNS.",
-  "certificates.dns.provider": "Proveedor DNS",
-  "certificates.dns.warning": "Esta sección requiere algunos conocimientos sobre Certbot y sus plugins DNS. Consulta la documentación de los plugins respectivos.",
-  "certificates.http.reachability-404": "Se encontró un servidor en este dominio pero no parece ser Nginx Proxy Manager. Asegúrate de que tu dominio apunte a la IP donde se está ejecutando tu instancia de NPM.",
-  "certificates.http.reachability-failed-to-check": "No se pudo verificar la accesibilidad debido a un error de comunicación con site24x7.com.",
-  "certificates.http.reachability-not-resolved": "No hay ningún servidor disponible en este dominio. Asegúrate de que tu dominio existe y apunta a la IP donde se está ejecutando tu instancia de NPM y, si es necesario, que el puerto 80 esté redirigido en tu router.",
-  "certificates.http.reachability-ok": "Tu servidor es accesible y debería ser posible crear certificados.",
-  "certificates.http.reachability-other": "Se encontró un servidor en este dominio pero devolvió un código de estado inesperado {code}. ¿Es el servidor NPM? Asegúrate de que tu dominio apunte a la IP donde se está ejecutando tu instancia de NPM.",
-  "certificates.http.reachability-wrong-data": "Se encontró un servidor en este dominio pero devolvió datos inesperados. ¿Es el servidor NPM? Asegúrate de que tu dominio apunte a la IP donde se está ejecutando tu instancia de NPM.",
-  "certificates.http.test-results": "Resultados de la Prueba",
-  "certificates.http.warning": "Estos dominios ya deben estar configurados para apuntar a esta instalación.",
-  "certificates.request.subtitle": "con Let's Encrypt",
-  "certificates.request.title": "Solicitar un nuevo Certificado",
-  "column.access": "Acceso",
-  "column.authorization": "Autorización",
-  "column.authorizations": "Autorizaciones",
-  "column.custom-locations": "Ubicaciones Personalizadas",
-  "column.destination": "Destino",
-  "column.details": "Detalles",
-  "column.email": "Correo Electrónico",
-  "column.event": "Evento",
-  "column.expires": "Expira",
-  "column.http-code": "Código HTTP",
-  "column.incoming-port": "Puerto de Entrada",
-  "column.name": "Nombre",
-  "column.protocol": "Protocolo",
-  "column.provider": "Proveedor",
-  "column.roles": "Roles",
-  "column.rules": "Reglas",
-  "column.satisfy": "Satisfacer",
-  "column.satisfy-all": "Todo",
-  "column.satisfy-any": "Cualquiera",
-  "column.scheme": "Esquema",
-  "column.source": "Origen",
-  "column.ssl": "SSL",
-  "column.status": "Estado",
-  "created-on": "Creado: {date}",
-  "dashboard": "Panel de Control",
-  "dead-host": "Host 404",
-  "dead-hosts": "Hosts 404",
-  "dead-hosts.count": "{count} {count, plural, one {Host 404} other {Hosts 404}}",
-  "disabled": "Deshabilitado",
-  "domain-names": "Nombres de Dominio",
-  "domain-names.max": "{count} nombres de dominio como máximo",
-  "domain-names.placeholder": "Comienza a escribir para añadir dominio...",
-  "domain-names.wildcards-not-permitted": "No se permiten comodines para este tipo",
-  "domain-names.wildcards-not-supported": "No se admiten comodines para esta CA",
-  "domains.force-ssl": "Forzar SSL",
-  "domains.hsts-enabled": "HSTS Habilitado",
-  "domains.hsts-subdomains": "HSTS en Subdominios",
-  "domains.http2-support": "Soporte HTTP/2",
-  "domains.use-dns": "Usar Desafío DNS",
-  "email-address": "Dirección de correo electrónico",
-  "empty-search": "No se encontraron resultados",
-  "empty-subtitle": "¿Por qué no creas uno?",
-  "enabled": "Habilitado",
-  "error.access.at-least-one": "Se requiere al menos una Autorización o una Regla de Acceso",
-  "error.access.duplicate-usernames": "Los nombres de usuario de autorización deben ser únicos",
-  "error.invalid-auth": "Correo electrónico o contraseña no válidos",
-  "error.invalid-domain": "Dominio no válido: {domain}",
-  "error.invalid-email": "Dirección de correo electrónico no válida",
-  "error.max-character-length": "La longitud máxima es {max} caracter{max, plural, one {} other {es}}",
-  "error.max-domains": "Demasiados dominios, el máximo es {max}",
-  "error.maximum": "El máximo es {max}",
-  "error.min-character-length": "La longitud mínima es {min} caracter{min, plural, one {} other {es}}",
-  "error.minimum": "El mínimo es {min}",
-  "error.passwords-must-match": "Las contraseñas deben coincidir",
-  "error.required": "Este campo es obligatorio",
-  "expires.on": "Expira: {date}",
-  "footer.github-fork": "Bifúrcame en Github",
-  "host.flags.block-exploits": "Bloquear Exploits Comunes",
-  "host.flags.cache-assets": "Cachear Recursos",
-  "host.flags.preserve-path": "Preservar Ruta",
-  "host.flags.protocols": "Protocolos",
-  "host.flags.websockets-upgrade": "Soporte de Websockets",
-  "host.forward-port": "Puerto de Reenvío",
-  "host.forward-scheme": "Esquema",
-  "hosts": "Hosts",
-  "http-only": "Solo HTTP",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt vía DNS",
-  "lets-encrypt-via-http": "Let's Encrypt vía HTTP",
-  "loading": "Cargando…",
-  "login.title": "Inicia sesión en tu cuenta",
-  "nginx-config.label": "Configuración Personalizada de Nginx",
-  "nginx-config.placeholder": "# ¡Introduce aquí tu configuración personalizada de Nginx bajo tu propio riesgo!",
-  "no-permission-error": "No tienes acceso para ver esto.",
-  "notfound.action": "Llévame al inicio",
-  "notfound.content": "Lo sentimos, pero la página que buscas no fue encontrada",
-  "notfound.title": "Ups… Has encontrado una página de error",
-  "notification.error": "Error",
-  "notification.object-deleted": "{object} ha sido eliminado",
-  "notification.object-disabled": "{object} ha sido deshabilitado",
-  "notification.object-enabled": "{object} ha sido habilitado",
-  "notification.object-renewed": "{object} ha sido renovado",
-  "notification.object-saved": "{object} ha sido guardado",
-  "notification.success": "Éxito",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "Añadir {object}",
-  "object.delete": "Eliminar {object}",
-  "object.delete.content": "¿Estás seguro de que quieres eliminar este {object}?",
-  "object.edit": "Editar {object}",
-  "object.empty": "No hay {objects}",
-  "object.event.created": "{object} Creado",
-  "object.event.deleted": "{object} Eliminado",
-  "object.event.disabled": "{object} Deshabilitado",
-  "object.event.enabled": "{object} Habilitado",
-  "object.event.renewed": "{object} Renovado",
-  "object.event.updated": "{object} Actualizado",
-  "offline": "Desconectado",
-  "online": "Conectado",
-  "options": "Opciones",
-  "password": "Contraseña",
-  "password.generate": "Generar contraseña aleatoria",
-  "password.hide": "Ocultar Contraseña",
-  "password.show": "Mostrar Contraseña",
-  "permissions.hidden": "Oculto",
-  "permissions.manage": "Gestionar",
-  "permissions.view": "Solo Ver",
-  "permissions.visibility.all": "Todos los Elementos",
-  "permissions.visibility.title": "Visibilidad de Elementos",
-  "permissions.visibility.user": "Solo Elementos Creados",
-  "proxy-host": "Host Proxy",
-  "proxy-host.forward-host": "Nombre de Host / IP de Reenvío",
-  "proxy-hosts": "Hosts Proxy",
-  "proxy-hosts.count": "{count} {count, plural, one {Host Proxy} other {Hosts Proxy}}",
-  "public": "Público",
-  "redirection-host": "Host de Redirección",
-  "redirection-host.forward-domain": "Dominio de Reenvío",
-  "redirection-host.forward-http-code": "Código HTTP",
-  "redirection-hosts": "Hosts de Redirección",
-  "redirection-hosts.count": "{count} {count, plural, one {Host de Redirección} other {Hosts de Redirección}}",
-  "role.admin": "Administrador",
-  "role.standard-user": "Usuario Estándar",
-  "save": "Guardar",
-  "setting": "Configuración",
-  "settings": "Configuración",
-  "settings.default-site": "Sitio Predeterminado",
-  "settings.default-site.404": "Página 404",
-  "settings.default-site.444": "Sin Respuesta (444)",
-  "settings.default-site.congratulations": "Página de Felicitaciones",
-  "settings.default-site.description": "Qué mostrar cuando Nginx recibe un Host desconocido",
-  "settings.default-site.html": "HTML Personalizado",
-  "settings.default-site.html.placeholder": "<!-- Introduce aquí tu contenido HTML personalizado -->",
-  "settings.default-site.redirect": "Redirigir",
-  "setup.preamble": "Comienza creando tu cuenta de administrador.",
-  "setup.title": "¡Bienvenido!",
-  "sign-in": "Iniciar Sesión",
-  "ssl-certificate": "Certificado SSL",
-  "stream": "Stream",
-  "stream.forward-host": "Host de Reenvío",
-  "stream.incoming-port": "Puerto de Entrada",
-  "streams": "Streams",
-  "streams.count": "{count} {count, plural, one {Stream} other {Streams}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Probar",
-  "user": "Usuario",
-  "user.change-password": "Cambiar Contraseña",
-  "user.confirm-password": "Confirmar Contraseña",
-  "user.current-password": "Contraseña Actual",
-  "user.edit-profile": "Editar Perfil",
-  "user.full-name": "Nombre Completo",
-  "user.login-as": "Iniciar sesión como {name}",
-  "user.logout": "Cerrar Sesión",
-  "user.new-password": "Nueva Contraseña",
-  "user.nickname": "Apodo",
-  "user.set-password": "Establecer Contraseña",
-  "user.set-permissions": "Establecer Permisos para {name}",
-  "user.switch-dark": "Cambiar a modo Oscuro",
-  "user.switch-light": "Cambiar a modo Claro",
-  "username": "Nombre de Usuario",
-  "users": "Usuarios"
-}

frontend/src/locale/lang/ja.json

@@ -1,215 +0,0 @@
-{
-  "access-list": "アクセスリスト",
-  "access-list.access-count": "{count} ルール",
-  "access-list.auth-count": "{count} ユーザー",
-  "access-list.help-rules-last": "少なくとも 1 つのルールが存在する場合、 他のすべてを拒否するルールが最後に追加されます",
-  "access-list.help.rules-order": "許可コマンドと拒否コマンドは定義された順番で適用されます",
-  "access-list.pass-auth": "認証情報をアップストリームに送信する",
-  "access-list.public": "公開されたアクセス",
-  "access-list.public.subtitle": "ベーシック認証を使用しません",
-  "access-list.satisfy-any": "いずれかを満たす",
-  "access-list.subtitle": "{users} ユーザー, {rules} ルール - 作成日時: {date}",
-  "access-lists": "アクセスリスト",
-  "action.add": "追加",
-  "action.add-location": "場所を追加",
-  "action.close": "閉じる",
-  "action.delete": "削除",
-  "action.disable": "無効化",
-  "action.download": "ダウンロード",
-  "action.edit": "編集",
-  "action.enable": "有効化",
-  "action.permissions": "権限",
-  "action.renew": "更新",
-  "action.view-details": "詳細",
-  "auditlogs": "監査ログ",
-  "cancel": "キャンセル",
-  "certificate": "証明書",
-  "certificate.custom-certificate": "証明書",
-  "certificate.custom-certificate-key": "証明書キー",
-  "certificate.custom-intermediate": "中間証明書",
-  "certificate.in-use": "使用中",
-  "certificate.none.subtitle": "証明書が割り当てられていません",
-  "certificate.none.subtitle.for-http": "このホストはHTTPSを使用しません",
-  "certificate.none.title": "無し",
-  "certificate.not-in-use": "未使用",
-  "certificate.renew": "証明書を更新",
-  "certificates": "証明書",
-  "certificates.custom": "カスタム証明書",
-  "certificates.custom.warning": "パスワードによって保護されたキーファイルはサポートされていません",
-  "certificates.dns.credentials": "資格情報ファイルの内容",
-  "certificates.dns.credentials-note": "このプラグインはプロバイダーのAPIキーか認証情報を含む設定ファイルが必要です",
-  "certificates.dns.credentials-warning": "このデータはファイルとデータベースにプレーンテキストとして保存されます",
-  "certificates.dns.propagation-seconds": "DNS伝播時間(秒)",
-  "certificates.dns.propagation-seconds-note": "DNSの伝搬時間を秒で指定します。空にするとデフォルトの値を使用します。",
-  "certificates.dns.provider": "DNSプロバイダー",
-  "certificates.dns.warning": "このセクションはCertbotとそのDNSプラグインの知識が必要です。各プラグインのドキュメントを参照してください。",
-  "certificates.http.reachability-404": "このドメインはNginx Proxy Managerではないサーバーを指しているようです。ドメインがこのNPMインスタンスを指していることを確認してください。",
-  "certificates.http.reachability-failed-to-check": "site24x7.comへの接続でエラーが発生し、到達性チェックに失敗しました",
-  "certificates.http.reachability-not-resolved": "このドメインには利用可能なサーバーがありません。ドメインが存在し、NPMインスタンスのIPアドレスを指していること、必要に応じてルーターでポート80が転送されていることを確認してください。",
-  "certificates.http.reachability-ok": "サーバーへ到達可能であり、証明書の作成が可能です。",
-  "certificates.http.reachability-other": "このドメインでサーバーが見つかりましたが予期しないステータスコード {code} を返しました. NPMサーバーが動いていますか? ドメインがこのNPMインスタンスを指していることを確認してください。",
-  "certificates.http.reachability-wrong-data": "このドメインでサーバーが見つかりましたが予期しないデータを返しました. NPMサーバーが動いていますか? ドメインがこのNPMインスタンスを指していることを確認してください。",
-  "certificates.http.test-results": "テスト結果",
-  "certificates.http.warning": "これらのドメインは、すでにこのインストール先を指すように設定されている必要がありますあ.",
-  "certificates.request.subtitle": "Let's Encryptを使用する",
-  "certificates.request.title": "新しい証明書を作成",
-  "column.access": "アクセス",
-  "column.authorization": "認証",
-  "column.authorizations": "認証",
-  "column.custom-locations": "カスタムロケーション",
-  "column.destination": "宛先",
-  "column.details": "詳細",
-  "column.email": "Email",
-  "column.event": "イベント",
-  "column.expires": "期限切れ",
-  "column.http-code": "アクセス",
-  "column.incoming-port": "受信ポート",
-  "column.name": "名前",
-  "column.protocol": "プロトコル",
-  "column.provider": "プロバイダー",
-  "column.roles": "Roles",
-  "column.rules": "ルール",
-  "column.satisfy": "Satisfy",
-  "column.satisfy-all": "すべて",
-  "column.satisfy-any": "いずれか",
-  "column.scheme": "スキーム",
-  "column.source": "ソース",
-  "column.ssl": "SSL",
-  "column.status": "ステータス",
-  "created-on": "作成日時: {date}",
-  "dashboard": "ダッシュボード",
-  "dead-host": "404 ホスト",
-  "dead-hosts": "404 ホスト",
-  "dead-hosts.count": "{count} 404 ホスト",
-  "disabled": "無効化",
-  "domain-names": "ドメイン名",
-  "domain-names.max": "{count}のドメイン名が最大です",
-  "domain-names.placeholder": "追加するドメインを入力...",
-  "domain-names.wildcards-not-permitted": "ワイルドカードはこのタイプでは許可されていません",
-  "domain-names.wildcards-not-supported": "ワイルドカードはこのCAではサポートされていません",
-  "domains.force-ssl": "SSLを強制",
-  "domains.hsts-enabled": "HSTSを有効化",
-  "domains.hsts-subdomains": "HSTSサブドメイン",
-  "domains.http2-support": "HTTP/2サポート",
-  "domains.use-dns": "DNSチャレンジを使用",
-  "email-address": "Emailアドレス",
-  "empty-search": "見つかりませんでした",
-  "empty-subtitle": "作ってみましょう",
-  "enabled": "有効",
-  "error.access.at-least-one": "少なくとも一つの認証またはアクセスルールが必要です",
-  "error.access.duplicate-usernames": "認証のユーザー名は他と同じ名前は使用できません",
-  "error.invalid-auth": "無効なemailまたはパスワード",
-  "error.invalid-domain": "無効なドメイン: {domain}",
-  "error.invalid-email": "無効なemailアドレス",
-  "error.max-character-length": "文字数は長くとも{max}文字です",
-  "error.max-domains": "ドメインが多すぎます, 最大値は{max}です",
-  "error.maximum": "最大値は{max}です",
-  "error.min-character-length": "文字数は少なくとも{min}文字です",
-  "error.minimum": "最小値は{min}です",
-  "error.passwords-must-match": "パスワードは一致する必要があります",
-  "error.required": "必須項目です",
-  "expires.on": "有効期限: {date}",
-  "footer.github-fork": "Fork me on Github",
-  "host.flags.block-exploits": "一般的なエクスプロイトをブロックする",
-  "host.flags.cache-assets": "アセットをキャッシュする",
-  "host.flags.preserve-path": "パスワードは一致する必要があります",
-  "host.flags.protocols": "プロトコル",
-  "host.flags.websockets-upgrade": "Websocketsサポート",
-  "host.forward-port": "転送ポート",
-  "host.forward-scheme": "スキーム",
-  "hosts": "ホスト",
-  "http-only": "HTTP Only",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt via DNS",
-  "lets-encrypt-via-http": "Let's Encrypt via HTTP",
-  "loading": "Loading…",
-  "login.title": "アカウントにログイン",
-  "nginx-config.label": "カスタムNginx設定",
-  "nginx-config.placeholder": "# Enter your custom Nginx configuration here at your own risk!",
-  "no-permission-error": "これを表示する権限がありません",
-  "notfound.action": "ホームに戻る",
-  "notfound.content": "申し訳ありませんが探しているページは見つかりませんでした",
-  "notfound.title": "おっと... エラーページにたどり着いてしまったようです",
-  "notification.error": "エラー",
-  "notification.object-deleted": "{object}は削除されました",
-  "notification.object-disabled": "{object}は無効化されました",
-  "notification.object-enabled": "{object}は有効化されました",
-  "notification.object-renewed": "{object}は再作成されました",
-  "notification.object-saved": "{object}は保存されました",
-  "notification.success": "成功",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "{object}を追加",
-  "object.delete": "{object}を削除",
-  "object.delete.content": "本当に{object}を削除しますか?",
-  "object.edit": "{object}を編集",
-  "object.empty": "{objects}はありません",
-  "object.event.created": "{object}を作成済み",
-  "object.event.deleted": "{object}を削除済み",
-  "object.event.disabled": "{object}を無効化済み",
-  "object.event.enabled": "{object}を有効化済み",
-  "object.event.renewed": "{object}を再作成済み",
-  "object.event.updated": "{object}を更新済み",
-  "offline": "Offline",
-  "online": "Online",
-  "options": "Options",
-  "password": "パスワード",
-  "password.generate": "ランダムなパスワードを生成",
-  "password.hide": "パスワードを隠す",
-  "password.show": "パスワードを表示する",
-  "permissions.hidden": "非公開",
-  "permissions.manage": "管理",
-  "permissions.view": "表示のみ",
-  "permissions.visibility.all": "すべて",
-  "permissions.visibility.title": "可視性",
-  "permissions.visibility.user": "作成したもののみ",
-  "proxy-host": "プロキシホスト",
-  "proxy-host.forward-host": "転送ホスト名/IP",
-  "proxy-hosts": "プロキシホスト",
-  "proxy-hosts.count": "{count} プロキシホスト",
-  "public": "Public",
-  "redirection-host": "リダイレクトホスト",
-  "redirection-host.forward-domain": "転送ホスト",
-  "redirection-hosts": "リダイレクトホスト",
-  "redirection-hosts.count": "{count} リダイレクトホスト",
-  "role.admin": "管理者",
-  "role.standard-user": "一般ユーザー",
-  "save": "保存",
-  "setting": "設定",
-  "settings": "設定",
-  "settings.default-site": "デフォルトサイト",
-  "settings.default-site.404": "404ページ",
-  "settings.default-site.444": "返答しない (444)",
-  "settings.default-site.congratulations": "設定ページ",
-  "settings.default-site.description": "不明なホストを要求されたときにNginxが何を返すかを設定します",
-  "settings.default-site.html": "カスタムHTML",
-  "settings.default-site.html.placeholder": "<!-- Enter your custom HTML content here -->",
-  "settings.default-site.redirect": "リダイレクト",
-  "setup.preamble": "管理者アカウントを作成して始めましょう",
-  "setup.title": "ようこそ!",
-  "sign-in": "サインイン",
-  "ssl-certificate": "SSL証明書",
-  "stream": "ストリーム",
-  "stream.forward-host": "転送ポート",
-  "stream.incoming-port": "受信ポート",
-  "streams": "ストリーム",
-  "streams.count": "{count} ストリーム",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "テスト",
-  "user": "ユーザー",
-  "user.change-password": "変更するパスワード",
-  "user.confirm-password": "変更するパスワードを確認",
-  "user.current-password": "現在のパスワード",
-  "user.edit-profile": "プロフィールを編集",
-  "user.full-name": "フルネーム",
-  "user.login-as": "{name}としてサインイン",
-  "user.logout": "ログアウト",
-  "user.new-password": "新しいパスワード",
-  "user.nickname": "ニックネーム",
-  "user.set-password": "パスワードを設定",
-  "user.set-permissions": "{name}に権限を設定",
-  "user.switch-dark": "ダークモードに変更",
-  "user.switch-light": "ライトモードに変更",
-  "username": "ユーザー名",
-  "users": "ユーザー"
-}

frontend/src/locale/lang/lang-list.json

@@ -1,10 +0,0 @@
-{
-  "locale-de-DE": "German",
-  "locale-en-US": "English",
-  "locale-es-ES": "Español",
-  "locale-ja-JP": "日本語",
-  "locale-pl-PL": "Polski",
-  "locale-ru-RU": "Русский",
-  "locale-sk-SK": "Slovak",
-  "locale-zh-CN": "中文"
-}

frontend/src/locale/lang/pl.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "Lista dostępu",
-  "access-list.access-count": "{count} {count, plural, one {Reguła} few {Reguły} other {Reguł}}",
-  "access-list.auth-count": "{count} {count, plural, one {Użytkownik} few {Użytkowników} other {Użytkowników}}",
-  "access-list.help-rules-last": "Gdy istnieje co najmniej 1 reguła, ta reguła blokująca wszystko zostanie dodana na końcu",
-  "access-list.help.rules-order": "Należy pamiętać, że dyrektywy zezwolenia i odmowy będą stosowane w kolejności, w jakiej zostały zdefiniowane.",
-  "access-list.pass-auth": "Przekaż uwierzytelnienie do serwera docelowego",
-  "access-list.public": "Publicznie dostępne",
-  "access-list.public.subtitle": "Nie wymaga uwierzytelnienia podstawowego",
-  "access-list.satisfy-any": "Spełnij dowolny warunek",
-  "access-list.subtitle": "{users} {users, plural, one {Użytkownik} few {Użytkowników} other {Użytkowników}}, {rules} {rules, plural, one {Reguła} few {Reguły} other {Reguł}} - Utworzono: {date}",
-  "access-lists": "Listy dostępu",
-  "action.add": "Dodaj",
-  "action.add-location": "Dodaj lokalizację",
-  "action.close": "Zamknij",
-  "action.delete": "Usuń",
-  "action.disable": "Wyłącz",
-  "action.download": "Pobierz",
-  "action.edit": "Edytuj",
-  "action.enable": "Włącz",
-  "action.permissions": "Uprawnienia",
-  "action.renew": "Odnów",
-  "action.view-details": "Pokaż szczegóły",
-  "auditlogs": "Logi audytu",
-  "cancel": "Anuluj",
-  "certificate": "Certyfikat",
-  "certificate.custom-certificate": "Certyfikat",
-  "certificate.custom-certificate-key": "Klucz certyfikatu",
-  "certificate.custom-intermediate": "Certyfikat pośredni",
-  "certificate.in-use": "W użyciu",
-  "certificate.none.subtitle": "Nie przypisano certyfikatu",
-  "certificate.none.subtitle.for-http": "Ten host nie będzie używał HTTPS",
-  "certificate.none.title": "Brak",
-  "certificate.not-in-use": "Nie używany",
-  "certificate.renew": "Odnów certyfikat",
-  "certificates": "Certyfikaty",
-  "certificates.custom": "Certyfikat własny",
-  "certificates.custom.warning": "Pliki kluczy chronione hasłem nie są obsługiwane.",
-  "certificates.dns.credentials": "Zawartość pliku z poświadczeniami",
-  "certificates.dns.credentials-note": "Ta wtyczka wymaga pliku konfiguracyjnego zawierającego token API lub inne poświadczenia dla twojego dostawcy",
-  "certificates.dns.credentials-warning": "Te dane zostaną zapisane jako zwykły tekst w bazie danych i pliku!",
-  "certificates.dns.propagation-seconds": "Sekundy propagacji",
-  "certificates.dns.propagation-seconds-note": "Pozostaw puste, aby użyć domyślnej wartości wtyczki. Liczba sekund oczekiwania na propagację DNS.",
-  "certificates.dns.provider": "Dostawca DNS",
-  "certificates.dns.warning": "Ta sekcja wymaga pewnej wiedzy na temat Certbot i jego wtyczek DNS. Zapoznaj się z dokumentacją odpowiednich wtyczek.",
-  "certificates.http.reachability-404": "Znaleziono serwer pod tą domeną, ale nie wygląda na to, że jest to Nginx Proxy Manager. Upewnij się, że twoja domena wskazuje na adres IP, gdzie działa twoja instancja NPM.",
-  "certificates.http.reachability-failed-to-check": "Nie udało się sprawdzić dostępności z powodu błędu komunikacji z site24x7.com.",
-  "certificates.http.reachability-not-resolved": "Brak dostępnego serwera pod tą domeną. Upewnij się, że twoja domena istnieje i wskazuje na adres IP, gdzie działa twoja instancja NPM, oraz w razie potrzeby, że port 80 jest przekierowany w routerze lub owarty w firewall-u.",
-  "certificates.http.reachability-ok": "Twój serwer jest dostępny i tworzenie certyfikatów powinno być możliwe.",
-  "certificates.http.reachability-other": "Znaleziono serwer pod tą domeną, ale zwrócił nieoczekiwany kod statusu {code}. Czy to serwer NPM? Upewnij się, że twoja domena wskazuje na adres IP, gdzie działa twoja instancja NPM.",
-  "certificates.http.reachability-wrong-data": "Znaleziono serwer pod tą domeną, ale zwrócił nieoczekiwane dane. Czy to serwer NPM? Upewnij się, że twoja domena wskazuje na adres IP, gdzie działa twoja instancja NPM.",
-  "certificates.http.test-results": "Wyniki testu",
-  "certificates.http.warning": "Te domeny muszą być już skonfigurowane tak, aby wskazywały na ten serwer www",
-  "certificates.request.subtitle": "z Let's Encrypt",
-  "certificates.request.title": "Zamów nowy certyfikat",
-  "column.access": "Dostęp",
-  "column.authorization": "Autoryzacja",
-  "column.authorizations": "Autoryzacje",
-  "column.custom-locations": "Własne lokalizacje",
-  "column.destination": "Cel",
-  "column.details": "Szczegóły",
-  "column.email": "Email",
-  "column.event": "Zdarzenie",
-  "column.expires": "Wygasa",
-  "column.http-code": "Kod HTTP",
-  "column.incoming-port": "Port przychodzący",
-  "column.name": "Nazwa",
-  "column.protocol": "Protokół",
-  "column.provider": "Dostawca",
-  "column.roles": "Role",
-  "column.rules": "Reguły",
-  "column.satisfy": "Spełnij",
-  "column.satisfy-all": "Wszystkie",
-  "column.satisfy-any": "Dowolny",
-  "column.scheme": "Schemat",
-  "column.source": "Źródło",
-  "column.ssl": "SSL",
-  "column.status": "Status",
-  "created-on": "Utworzono: {date}",
-  "dashboard": "Panel",
-  "dead-host": "Host 404",
-  "dead-hosts": "Hosty 404",
-  "dead-hosts.count": "{count} {count, plural, one {Host 404} few {Hosty 404} other {Hostów 404}}",
-  "disabled": "Wyłączone",
-  "domain-names": "Nazwy domen",
-  "domain-names.max": "Maksymalnie {count} nazw domen",
-  "domain-names.placeholder": "Zacznij pisać, aby dodać domenę...",
-  "domain-names.wildcards-not-permitted": "Symbole wieloznaczne nie są dozwolone dla tego typu",
-  "domain-names.wildcards-not-supported": "Symbole wieloznaczne nie są obsługiwane dla tego CA",
-  "domains.force-ssl": "Wymuś SSL",
-  "domains.hsts-enabled": "HSTS włączone",
-  "domains.hsts-subdomains": "HSTS dla subdomen",
-  "domains.http2-support": "Obsługa HTTP/2",
-  "domains.use-dns": "Użyj wyzwania DNS",
-  "email-address": "Adres email",
-  "empty-search": "Nie znaleziono wyników",
-  "empty-subtitle": "Może utworzysz nowy?",
-  "enabled": "Włączone",
-  "error.access.at-least-one": "Wymagana jest co najmniej jedna autoryzacja lub jedna reguła dostępu",
-  "error.access.duplicate-usernames": "Nazwy użytkowników autoryzacji muszą być unikalne",
-  "error.invalid-auth": "Nieprawidłowy email lub hasło",
-  "error.invalid-domain": "Nieprawidłowa domena: {domain}",
-  "error.invalid-email": "Nieprawidłowy adres email",
-  "error.max-character-length": "Maksymalna długość to {max} {max, plural, one {znak} few {znaki} other {znaków}}",
-  "error.max-domains": "Zbyt wiele domen, maksimum to {max}",
-  "error.maximum": "Maksimum to {max}",
-  "error.min-character-length": "Minimalna długość to {min} {min, plural, one {znak} few {znaki} other {znaków}}",
-  "error.minimum": "Minimum to {min}",
-  "error.passwords-must-match": "Hasła muszą się zgadzać",
-  "error.required": "To pole jest wymagane",
-  "expires.on": "Wygasa: {date}",
-  "footer.github-fork": "Forkuj mnie na Github",
-  "host.flags.block-exploits": "Blokuj typowe exploity",
-  "host.flags.cache-assets": "Buforuj zasoby",
-  "host.flags.preserve-path": "Zachowaj ścieżkę",
-  "host.flags.protocols": "Protokoły",
-  "host.flags.websockets-upgrade": "Obsługa WebSockets",
-  "host.forward-port": "Port przekierowania",
-  "host.forward-scheme": "Schemat",
-  "hosts": "Hosty",
-  "http-only": "Tylko HTTP",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt przez DNS",
-  "lets-encrypt-via-http": "Let's Encrypt przez HTTP",
-  "loading": "Ładowanie…",
-  "login.title": "Zaloguj się na swoje konto",
-  "nginx-config.label": "Własna konfiguracja Nginx",
-  "nginx-config.placeholder": "# Wprowadź tutaj własną konfigurację Nginx na własną odpowiedzialność!",
-  "no-permission-error": "Nie masz uprawnień do wyświetlenia tego.",
-  "notfound.action": "Zabierz mnie do strony głównej",
-  "notfound.content": "Przepraszamy, ale strona, której szukasz, nie została znaleziona",
-  "notfound.title": "Ups… Właśnie znalazłeś stronę błędu",
-  "notification.error": "Błąd",
-  "notification.object-deleted": "{object} został usunięty",
-  "notification.object-disabled": "{object} został wyłączony",
-  "notification.object-enabled": "{object} został włączony",
-  "notification.object-renewed": "{object} został odnowiony",
-  "notification.object-saved": "{object} został zapisany",
-  "notification.success": "Sukces",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "Dodaj {object}",
-  "object.delete": "Usuń {object}",
-  "object.delete.content": "Czy na pewno chcesz usunąć {object}?",
-  "object.edit": "Edytuj {object}",
-  "object.empty": "Brak {objects}",
-  "object.event.created": "Utworzono {object}",
-  "object.event.deleted": "Usunięto {object}",
-  "object.event.disabled": "Wyłączono {object}",
-  "object.event.enabled": "Włączono {object}",
-  "object.event.renewed": "Odnowiono {object}",
-  "object.event.updated": "Zaktualizowano {object}",
-  "offline": "Offline",
-  "online": "Online",
-  "options": "Opcje",
-  "password": "Hasło",
-  "password.generate": "Wygeneruj losowe hasło",
-  "password.hide": "Ukryj hasło",
-  "password.show": "Pokaż hasło",
-  "permissions.hidden": "Ukryte",
-  "permissions.manage": "Zarządzaj",
-  "permissions.view": "Tylko podgląd",
-  "permissions.visibility.all": "Wszystkie elementy",
-  "permissions.visibility.title": "Widoczność elementów",
-  "permissions.visibility.user": "Tylko utworzone elementy",
-  "proxy-host": "Host proxy",
-  "proxy-host.forward-host": "Przekieruj na hostname / IP",
-  "proxy-hosts": "Hosty proxy",
-  "proxy-hosts.count": "{count} {count, plural, one {Host proxy} few {Hosty proxy} other {Hostów proxy}}",
-  "public": "Publiczne",
-  "redirection-host": "Host przekierowania",
-  "redirection-host.forward-domain": "Domena docelowa",
-  "redirection-host.forward-http-code": "Kod HTTP",
-  "redirection-hosts": "Hosty przekierowań",
-  "redirection-hosts.count": "{count} {count, plural, one {Host przekierowania} few {Hosty przekierowań} other {Hostów przekierowań}}",
-  "role.admin": "Administrator",
-  "role.standard-user": "Standardowy użytkownik",
-  "save": "Zapisz",
-  "setting": "Ustawienie",
-  "settings": "Ustawienia",
-  "settings.default-site": "Domyślna strona",
-  "settings.default-site.404": "Strona 404",
-  "settings.default-site.444": "Brak odpowiedzi (444)",
-  "settings.default-site.congratulations": "Strona gratulacyjna",
-  "settings.default-site.description": "Co wyświetlić, gdy Nginx otrzyma nieznany Host",
-  "settings.default-site.html": "Własny HTML",
-  "settings.default-site.html.placeholder": "<!-- Wprowadź tutaj własną zawartość HTML -->",
-  "settings.default-site.redirect": "Przekierowanie",
-  "setup.preamble": "Zacznij od utworzenia konta administratora.",
-  "setup.title": "Witaj!",
-  "sign-in": "Zaloguj się",
-  "ssl-certificate": "Certyfikat SSL",
-  "stream": "Strumień",
-  "stream.forward-host": "Host docelowy",
-  "stream.incoming-port": "Port przychodzący",
-  "streams": "Strumienie",
-  "streams.count": "{count} {count, plural, one {Strumień} few {Strumienie} other {Strumieni}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Test",
-  "user": "Użytkownik",
-  "user.change-password": "Zmień hasło",
-  "user.confirm-password": "Potwierdź hasło",
-  "user.current-password": "Aktualne hasło",
-  "user.edit-profile": "Edytuj profil",
-  "user.full-name": "Pełne imię i nazwisko",
-  "user.login-as": "Zaloguj jako {name}",
-  "user.logout": "Wyloguj",
-  "user.new-password": "Nowe hasło",
-  "user.nickname": "Pseudonim",
-  "user.set-password": "Ustaw hasło",
-  "user.set-permissions": "Ustaw uprawnienia dla {name}",
-  "user.switch-dark": "Przełącz na tryb ciemny",
-  "user.switch-light": "Przełącz na tryb jasny",
-  "username": "Nazwa użytkownika",
-  "users": "Użytkownicy"
-}

frontend/src/locale/lang/ru.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "Список доступа",
-  "access-list.access-count": "{count} {count, plural, one {правило} few {правила} many {правил} other {правила}}",
-  "access-list.auth-count": "{count} {count, plural, one {пользователь} few {пользователя} many {пользователей} other {пользователя}}",
-  "access-list.help-rules-last": "When at least 1 rule exists, this deny all rule will be added last",
-  "access-list.help.rules-order": "Note that the allow and deny directives will be applied in the order they are defined.",
-  "access-list.pass-auth": "Pass Auth to Upstream",
-  "access-list.public": "Публично доступен",
-  "access-list.public.subtitle": "Без аутентификации",
-  "access-list.satisfy-any": "Любое совпадение",
-  "access-list.subtitle": "{users} {users, plural, one {User} other {Users}}, {rules} {rules, plural, one {Rule} other {Rules}} - Created: {date}",
-  "access-lists": "Списки доступа",
-  "action.add": "Добавить",
-  "action.add-location": "Добавить маршрут",
-  "action.close": "Закрыть",
-  "action.delete": "Удалить",
-  "action.disable": "Выключить",
-  "action.download": "Скачать",
-  "action.edit": "Изменить",
-  "action.enable": "Включить",
-  "action.permissions": "Разрешения",
-  "action.renew": "Продлить",
-  "action.view-details": "Просмотреть детали",
-  "auditlogs": "Журнал аудита",
-  "cancel": "Отменить",
-  "certificate": "Сертификат",
-  "certificate.custom-certificate": "Сертификат",
-  "certificate.custom-certificate-key": "Ключ сертификата",
-  "certificate.custom-intermediate": "Промежуточный сертификат",
-  "certificate.in-use": "Используется",
-  "certificate.none.subtitle": "Сертификат не назначен",
-  "certificate.none.subtitle.for-http": "Этот хост не будет использовать HTTPS",
-  "certificate.none.title": "Нет",
-  "certificate.not-in-use": "Не используется",
-  "certificate.renew": "Продлить сертификат",
-  "certificates": "Сертификаты",
-  "certificates.custom": "Свой сертификат",
-  "certificates.custom.warning": "Файлы ключей, защищённые паролем, не поддерживаются.",
-  "certificates.dns.credentials": "Credentials File Content",
-  "certificates.dns.credentials-note": "This plugin requires a configuration file containing an API token or other credentials for your provider",
-  "certificates.dns.credentials-warning": "This data will be stored as plaintext in the database and in a file!",
-  "certificates.dns.propagation-seconds": "Propagation Seconds",
-  "certificates.dns.propagation-seconds-note": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.",
-  "certificates.dns.provider": "DNS-провайдер",
-  "certificates.dns.warning": "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation.",
-  "certificates.http.reachability-404": "There is a server found at this domain but it does not seem to be Nginx Proxy Manager. Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.reachability-failed-to-check": "Failed to check the reachability due to a communication error with site24x7.com.",
-  "certificates.http.reachability-not-resolved": "There is no server available at this domain. Please make sure your domain exists and points to the IP where your NPM instance is running and if necessary port 80 is forwarded in your router.",
-  "certificates.http.reachability-ok": "Your server is reachable and creating certificates should be possible.",
-  "certificates.http.reachability-other": "There is a server found at this domain but it returned an unexpected status code {code}. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.reachability-wrong-data": "There is a server found at this domain but it returned an unexpected data. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.",
-  "certificates.http.test-results": "Результаты проверки",
-  "certificates.http.warning": "These domains must be already configured to point to this installation.",
-  "certificates.request.subtitle": "через Let's Encrypt",
-  "certificates.request.title": "Получить новый сертификат",
-  "column.access": "Доступ",
-  "column.authorization": "Авторизация",
-  "column.authorizations": "Авторизации",
-  "column.custom-locations": "Свои маршруты",
-  "column.destination": "Назначение",
-  "column.details": "Детали",
-  "column.email": "Email",
-  "column.event": "Событие",
-  "column.expires": "Истекает",
-  "column.http-code": "HTTP Code",
-  "column.incoming-port": "Входящий порт",
-  "column.name": "Имя",
-  "column.protocol": "Протокол",
-  "column.provider": "Провайдер",
-  "column.roles": "Роли",
-  "column.rules": "Правила",
-  "column.satisfy": "Совпадение",
-  "column.satisfy-all": "Все",
-  "column.satisfy-any": "Любое",
-  "column.scheme": "Схема",
-  "column.source": "Источник",
-  "column.ssl": "SSL",
-  "column.status": "Статус",
-  "created-on": "Создан: {date}",
-  "dashboard": "Обзор",
-  "dead-host": "404-хост",
-  "dead-hosts": "404-хосты",
-  "dead-hosts.count": "{count} {count, plural, one {404-хост} few {404-хоста} many {404-хостов} other {404-хоста}}",
-  "disabled": "Выключен",
-  "domain-names": "Домены",
-  "domain-names.max": "Максимум доменов: {count}",
-  "domain-names.placeholder": "Начните ввод, чтобы добавить домен...",
-  "domain-names.wildcards-not-permitted": "Wildcard'ы не разрешены для этого типа",
-  "domain-names.wildcards-not-supported": "Wildcard'ы не поддерживаются этим CA",
-  "domains.force-ssl": "Всегда SSL",
-  "domains.hsts-enabled": "Поддержка HSTS",
-  "domains.hsts-subdomains": "Поддомены HSTS",
-  "domains.http2-support": "Поддержка HTTP/2",
-  "domains.use-dns": "Использовать DNS Challenge",
-  "email-address": "Email-адрес",
-  "empty-search": "Ничего не найдено",
-  "empty-subtitle": "Почему бы не создать его?",
-  "enabled": "Включен",
-  "error.access.at-least-one": "Either one Authorization or one Access Rule is required",
-  "error.access.duplicate-usernames": "Authorization Usernames must be unique",
-  "error.invalid-auth": "Неверный email или пароль",
-  "error.invalid-domain": "Неверный домен: {domain}",
-  "error.invalid-email": "Неверный email-адрес",
-  "error.max-character-length": "Maximum length is {max} character{max, plural, one {} other {s}}",
-  "error.max-domains": "Слишком много доменов, максимум {max}",
-  "error.maximum": "Максимум {max}",
-  "error.min-character-length": "Minimum length is {min} character{min, plural, one {} other {s}}",
-  "error.minimum": "Минимум {min}",
-  "error.passwords-must-match": "Пароли должны совпадать",
-  "error.required": "Обязательное поле",
-  "expires.on": "Истекает: {date}",
-  "footer.github-fork": "Fork me on Github",
-  "host.flags.block-exploits": "Блокировать известные эксплойты",
-  "host.flags.cache-assets": "Кэшировать ресурсы",
-  "host.flags.preserve-path": "Сохранять путь",
-  "host.flags.protocols": "Протоколы",
-  "host.flags.websockets-upgrade": "Поддержка WebSocket",
-  "host.forward-port": "Порт перенаправления",
-  "host.forward-scheme": "Схема",
-  "hosts": "Хосты",
-  "http-only": "Только HTTP",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt через DNS",
-  "lets-encrypt-via-http": "Let's Encrypt через HTTP",
-  "loading": "Загрузка…",
-  "login.title": "Авторизация",
-  "nginx-config.label": "Своя Nginx-конфигурация",
-  "nginx-config.placeholder": "# Введите здесь свою Nginx-конфигурацию, будьте осторожны!",
-  "no-permission-error": "You do not have access to view this.",
-  "notfound.action": "Вернуться на главную",
-  "notfound.content": "Извините, но страница, которую вы ищете, не найдена",
-  "notfound.title": "Упс… Вы попали на страницу ошибки",
-  "notification.error": "Ошибка",
-  "notification.object-deleted": "{object} удален",
-  "notification.object-disabled": "{object} выключен",
-  "notification.object-enabled": "{object} включен",
-  "notification.object-renewed": "{object} продлен",
-  "notification.object-saved": "{object} сохранен",
-  "notification.success": "Успешно",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "Добавить {object}",
-  "object.delete": "Удалить {object}",
-  "object.delete.content": "Вы уверены, что хотите удалить {object}?",
-  "object.edit": "Изменить {object}",
-  "object.empty": "{objects} отстутствуют",
-  "object.event.created": "{object} создан",
-  "object.event.deleted": "{object} удален",
-  "object.event.disabled": "{object} выключен",
-  "object.event.enabled": "{object} включен",
-  "object.event.renewed": "{object} продлен",
-  "object.event.updated": "{object} обновлен",
-  "offline": "Офлайн",
-  "online": "Онлайн",
-  "options": "Параметры",
-  "password": "Пароль",
-  "password.generate": "Сгенерировать случайный пароль",
-  "password.hide": "Скрыть пароль",
-  "password.show": "Показать пароль",
-  "permissions.hidden": "Скрыто",
-  "permissions.manage": "Управление",
-  "permissions.view": "Только просмотр",
-  "permissions.visibility.all": "Все элементы",
-  "permissions.visibility.title": "Видимость элементов",
-  "permissions.visibility.user": "Созданные элементы",
-  "proxy-host": "Прокси-хост",
-  "proxy-host.forward-host": "Хост / IP перенаправления",
-  "proxy-hosts": "Прокси-хосты",
-  "proxy-hosts.count": "{count} {count, plural, one {прокси-хост} few {прокси-хоста} many {прокси-хостов} other {прокси-хоста}}",
-  "public": "Публичный",
-  "redirection-host": "Редирект-хост",
-  "redirection-host.forward-domain": "Домен перенаправления",
-  "redirection-host.forward-http-code": "HTTP Code",
-  "redirection-hosts": "Редирект-хосты",
-  "redirection-hosts.count": "{count} {count, plural, one {редирект-хост} few {редирект-хоста} many {редирект-хостов} other {редирект-хоста}}",
-  "role.admin": "Администратор",
-  "role.standard-user": "Обычный пользователь",
-  "save": "Сохранить",
-  "setting": "Настройка",
-  "settings": "Настройки",
-  "settings.default-site": "Страница по умолчанию",
-  "settings.default-site.404": "404-страница",
-  "settings.default-site.444": "Нет ответа (444)",
-  "settings.default-site.congratulations": "Страница поздравления",
-  "settings.default-site.description": "Что показывать, когда Nginx получает неизвестный хост",
-  "settings.default-site.html": "Свой HTML",
-  "settings.default-site.html.placeholder": "<!-- Введите здесь свой HTML-контент -->",
-  "settings.default-site.redirect": "Перенаправление",
-  "setup.preamble": "Начните с создания учётной записи администратора.",
-  "setup.title": "Добро пожаловать!",
-  "sign-in": "Войти",
-  "ssl-certificate": "SSL-сертификат",
-  "stream": "Поток",
-  "stream.forward-host": "Хост перенаправления",
-  "stream.incoming-port": "Входящий порт",
-  "streams": "Потоки",
-  "streams.count": "{count} {count, plural, one {поток} few {потока} many {потоков} other {потока}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Проверить",
-  "user": "Пользователь",
-  "user.change-password": "Изменить пароль",
-  "user.confirm-password": "Повторите пароль",
-  "user.current-password": "Текущий пароль",
-  "user.edit-profile": "Изменить профиль",
-  "user.full-name": "Полное имя",
-  "user.login-as": "Войти как {name}",
-  "user.logout": "Выйти",
-  "user.new-password": "Новый пароль",
-  "user.nickname": "Псевдоним",
-  "user.set-password": "Задать пароль",
-  "user.set-permissions": "Set Permissions for {name}",
-  "user.switch-dark": "Включить тёмную тему",
-  "user.switch-light": "Включить светлую тему",
-  "username": "Логин",
-  "users": "Пользователи"
-}

frontend/src/locale/lang/sk.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "zoznam prístupov",
-  "access-list.access-count": "{count} {count, plural, one {pravidlo} few {pravidlá} other {pravidiel}}",
-  "access-list.auth-count": "{count} {count, plural, one {používateľ} few {používatelia} other {používateľov}}",
-  "access-list.help-rules-last": "Keď existuje aspoň jedno pravidlo, toto pravidlo „zamietnuť všetko“ bude pridané ako posledné",
-  "access-list.help.rules-order": "Upozornenie: pravidlá povoliť a zamietnuť budú uplatňované v poradí, v akom sú definované.",
-  "access-list.pass-auth": "Odoslať overenie na Upstream",
-  "access-list.public": "Verejne prístupné",
-  "access-list.public.subtitle": "Nie je potrebné základné overenie",
-  "access-list.satisfy-any": "Splniť ktorékoľvek",
-  "access-list.subtitle": "{users} {users, plural, one {používateľ} few {používatelia} other {používateľov}}, {rules} {rules, plural, one {pravidlo} few {pravidlá} other {pravidiel}} - Vytvorené: {date}",
-  "access-lists": "Zoznamy prístupov",
-  "action.add": "Pridať",
-  "action.add-location": "Pridať umiestnenie",
-  "action.close": "Zavrieť",
-  "action.delete": "Vymazať",
-  "action.disable": "Deaktivovať",
-  "action.download": "Stiahnuť",
-  "action.edit": "Upraviť",
-  "action.enable": "Aktivovať",
-  "action.permissions": "Oprávnenia",
-  "action.renew": "Obnoviť",
-  "action.view-details": "Zobraziť podrobnosti",
-  "auditlogs": "Záznamy auditu",
-  "cancel": "Zrušiť",
-  "certificate": "Certifikát",
-  "certificate.custom-certificate": "Certifikát",
-  "certificate.custom-certificate-key": "Kľúč certifikátu",
-  "certificate.custom-intermediate": "Sprostredkovateľský certifikát",
-  "certificate.in-use": "Používa sa",
-  "certificate.none.subtitle": "Nie je priradený žiadny certifikát",
-  "certificate.none.subtitle.for-http": "Tento hostiteľ nebude používať HTTPS",
-  "certificate.none.title": "Žiadny",
-  "certificate.not-in-use": "Nepoužíva sa",
-  "certificate.renew": "Obnoviť certifikát",
-  "certificates": "Certifikáty",
-  "certificates.custom": "Vlastný certifikát",
-  "certificates.custom.warning": "Súbory kľúčov chránené heslom nie sú podporované.",
-  "certificates.dns.credentials": "Obsah súboru s prihlasovacími údajmi",
-  "certificates.dns.credentials-note": "Tento doplnok vyžaduje konfiguračný súbor obsahujúci API token alebo iné prihlasovacie údaje vášho poskytovateľa",
-  "certificates.dns.credentials-warning": "Tieto údaje budú uložené v databáze a v súbore ako obyčajný text!",
-  "certificates.dns.propagation-seconds": "Propagácia v sekundách",
-  "certificates.dns.propagation-seconds-note": "Ponechajte prázdne pre predvolenú hodnotu doplnku. Počet sekúnd, počas ktorých sa čaká na propagáciu DNS.",
-  "certificates.dns.provider": "DNS poskytovateľ",
-  "certificates.dns.warning": "Táto sekcia vyžaduje znalosť Certbotu a jeho DNS doplnkov. Prosím, pozrite si dokumentáciu príslušného doplnku.",
-  "certificates.http.reachability-404": "Na tejto doméne bol nájdený server, ale nezdá sa, že ide o Nginx Proxy Manager. Uistite sa, že vaša doména smeruje na IP, kde beží vaša inštancia NPM.",
-  "certificates.http.reachability-failed-to-check": "Nepodarilo sa overiť dostupnosť kvôli chybe komunikácie so službou site24x7.com.",
-  "certificates.http.reachability-not-resolved": "Na tejto doméne nie je dostupný žiadny server. Uistite sa, že doména existuje a smeruje na IP adresu s NPM a ak je to potrebné, port 80 je presmerovaný vo vašom smerovači.",
-  "certificates.http.reachability-ok": "Váš server je dostupný a vytvorenie certifikátu by malo byť možné.",
-  "certificates.http.reachability-other": "Na tejto doméne bol nájdený server, ale vrátil neočakávaný stavový kód {code}. Je to NPM server? Uistite sa prosím, že doména smeruje na IP, kde beží vaša inštancia NPM.",
-  "certificates.http.reachability-wrong-data": "Na tejto doméne bol nájdený server, ale vrátil neočakávané údaje. Je to NPM server? Uistite sa, že doména smeruje na IP, kde beží vaša inštancia NPM.",
-  "certificates.http.test-results": "Výsledky testu",
-  "certificates.http.warning": "Tieto domény musia byť už nakonfigurované tak, aby smerovali na túto inštaláciu.",
-  "certificates.request.subtitle": "pomocou Let's Encrypt",
-  "certificates.request.title": "Vyžiadať nový certifikát",
-  "column.access": "Prístup",
-  "column.authorization": "Autorizácia",
-  "column.authorizations": "Autorizácie",
-  "column.custom-locations": "Vlastné umiestnenia",
-  "column.destination": "Cieľ",
-  "column.details": "Podrobnosti",
-  "column.email": "Email",
-  "column.event": "Udalosť",
-  "column.expires": "Platnosť do",
-  "column.http-code": "Prístup",
-  "column.incoming-port": "Vstupný port",
-  "column.name": "Názov",
-  "column.protocol": "Protokol",
-  "column.provider": "Poskytovateľ",
-  "column.roles": "Roly",
-  "column.rules": "Pravidlá",
-  "column.satisfy": "Splniť",
-  "column.satisfy-all": "Všetky",
-  "column.satisfy-any": "Ktorékoľvek",
-  "column.scheme": "Schéma",
-  "column.source": "Zdroj",
-  "column.ssl": "SSL",
-  "column.status": "Stav",
-  "created-on": "Vytvorené: {date}",
-  "dashboard": "Panel",
-  "dead-host": "404 Hostiteľ",
-  "dead-hosts": "404 Hostitelia",
-  "dead-hosts.count": "{count} {count, plural, one {404 hostiteľ} few {404 hostitelia} other {404 hostiteľov}}",
-  "disabled": "Deaktivované",
-  "domain-names": "Doménové mená",
-  "domain-names.max": "Maximálne {count} doménových mien",
-  "domain-names.placeholder": "Začnite písať pre pridanie domény...",
-  "domain-names.wildcards-not-permitted": "Wildcards nie sú pre tento typ povolené",
-  "domain-names.wildcards-not-supported": "Wildcards nie sú podporované pre túto certifikačnú autoritu",
-  "domains.force-ssl": "Vynútiť SSL",
-  "domains.hsts-enabled": "HSTS povolené",
-  "domains.hsts-subdomains": "HSTS pre subdomény",
-  "domains.http2-support": "Podpora HTTP/2",
-  "domains.use-dns": "Použiť DNS výzvu",
-  "email-address": "Emailová adresa",
-  "empty-search": "Nenašli sa žiadne výsledky",
-  "empty-subtitle": "Prečo nevytvoríte nejaký?",
-  "enabled": "Aktivované",
-  "error.access.at-least-one": "Je vyžadovaná aspoň jedna autorizácia alebo jedno prístupové pravidlo",
-  "error.access.duplicate-usernames": "Používateľské mená pre autorizáciu musia byť jedinečné",
-  "error.invalid-auth": "Neplatný email alebo heslo",
-  "error.invalid-domain": "Neplatná doména: {domain}",
-  "error.invalid-email": "Neplatná emailová adresa",
-  "error.max-character-length": "Maximálna dĺžka je {max} znak{max, plural, one {} few {y} other {ov}}",
-  "error.max-domains": "Príliš veľa domén, maximum je {max}",
-  "error.maximum": "Maximum je {max}",
-  "error.min-character-length": "Minimálna dĺžka je {min} znak{min, plural, one {} few {y} other {ov}}",
-  "error.minimum": "Minimum je {min}",
-  "error.passwords-must-match": "Heslá sa musia zhodovať",
-  "error.required": "Toto pole je povinné",
-  "expires.on": "Platnosť do: {date}",
-  "footer.github-fork": "Forknite ma na GitHube",
-  "host.flags.block-exploits": "Blokovať bežné exploity",
-  "host.flags.cache-assets": "Uložiť zdroje do vyrovnávacej pamäte",
-  "host.flags.preserve-path": "Zachovať cestu",
-  "host.flags.protocols": "Protokoly",
-  "host.flags.websockets-upgrade": "Podpora WebSockets",
-  "host.forward-port": "Port presmerovania",
-  "host.forward-scheme": "Schéma",
-  "hosts": "Hostitelia",
-  "http-only": "Len HTTP",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt cez DNS",
-  "lets-encrypt-via-http": "Let's Encrypt cez HTTP",
-  "loading": "Načítava sa…",
-  "login.title": "Prihláste sa do svojho účtu",
-  "nginx-config.label": "Vlastná Nginx konfigurácia",
-  "nginx-config.placeholder": "# Zadajte vlastnú Nginx konfiguráciu na vlastné riziko!",
-  "no-permission-error": "Nemáte oprávnenie na zobrazenie tohto obsahu.",
-  "notfound.action": "Späť na hlavnú stránku",
-  "notfound.content": "Ľutujeme, stránka, ktorú hľadáte, nebola nájdená",
-  "notfound.title": "Ups… Našli ste chybovú stránku",
-  "notification.error": "Chyba",
-  "notification.object-deleted": "{object} bol odstránený",
-  "notification.object-disabled": "{object} bol deaktivovaný",
-  "notification.object-enabled": "{object} bol aktivovaný",
-  "notification.object-renewed": "{object} bol obnovený",
-  "notification.object-saved": "{object} bol uložené",
-  "notification.success": "Úspech",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "Pridať {object}",
-  "object.delete": "Vymazať {object}",
-  "object.delete.content": "Naozaj chcete vymazať tento {object}?",
-  "object.edit": "Upraviť {object}",
-  "object.empty": "Nie sú žiadne/y {objects}",
-  "object.event.created": "Vytvorený {object}",
-  "object.event.deleted": "Vymazaný {object}",
-  "object.event.disabled": "Deaktivovaný {object}",
-  "object.event.enabled": "Aktivovaný {object}",
-  "object.event.renewed": "Obnovený {object}",
-  "object.event.updated": "Aktualizovaný {object}",
-  "offline": "Offline",
-  "online": "Online",
-  "options": "Možnosti",
-  "password": "Heslo",
-  "password.generate": "Vygenerovať náhodné heslo",
-  "password.hide": "Skryť heslo",
-  "password.show": "Zobraziť heslo",
-  "permissions.hidden": "Skryté",
-  "permissions.manage": "Spravovať",
-  "permissions.view": "Len na zobrazenie",
-  "permissions.visibility.all": "Všetky položky",
-  "permissions.visibility.title": "Viditeľnosť položky",
-  "permissions.visibility.user": "Len vytvorené položky",
-  "proxy-host": "Proxy hostiteľa",
-  "proxy-host.forward-host": "Cieľový názov hostiteľa / IP",
-  "proxy-hosts": "Proxy hostitelia",
-  "proxy-hosts.count": "{count} {count, plural, one {proxy hostiteľ} few {proxy hostitelia} other {proxy hostiteľov}}",
-  "public": "Verejné",
-  "redirection-host": "presmerovacieho hostiteľa",
-  "redirection-host.forward-domain": "Cieľová doména",
-  "redirection-host.forward-http-code": "HTTP kód",
-  "redirection-hosts": "Presmerovací hostitelia",
-  "redirection-hosts.count": "{count} {count, plural, one {presmerovací hostiteľ} few {presmerovací hostitelia} other {presmerovacích hostiteľov}}",
-  "role.admin": "Administrátor",
-  "role.standard-user": "Bežný používateľ",
-  "save": "Uložiť",
-  "setting": "Nastavenie",
-  "settings": "Nastavenia",
-  "settings.default-site": "Predvolená stránka",
-  "settings.default-site.404": "Stránka 404",
-  "settings.default-site.444": "Bez odpovede (444)",
-  "settings.default-site.congratulations": "Gratulačná stránka",
-  "settings.default-site.description": "Čo zobraziť, keď Nginx zachytí neznámeho hostiteľa",
-  "settings.default-site.html": "Vlastné HTML",
-  "settings.default-site.html.placeholder": "<!-- Sem zadajte vlastný HTML obsah -->",
-  "settings.default-site.redirect": "Presmerovať",
-  "setup.preamble": "Začnite vytvorením administrátorského účtu.",
-  "setup.title": "Vitajte!",
-  "sign-in": "Prihlásiť sa",
-  "ssl-certificate": "SSL certifikát",
-  "stream": "Stream",
-  "stream.forward-host": "Cieľový hostiteľ",
-  "stream.incoming-port": "Vstupný port",
-  "streams": "Streamy",
-  "streams.count": "{count} {count, plural, one {stream} few {streamy} other {streamov}}",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "Test",
-  "user": "používateľa",
-  "user.change-password": "Zmeniť heslo",
-  "user.confirm-password": "Potvrdiť heslo",
-  "user.current-password": "Aktuálne heslo",
-  "user.edit-profile": "Upraviť profil",
-  "user.full-name": "Celé meno",
-  "user.login-as": "Prihlásiť sa ako {name}",
-  "user.logout": "Odhlásiť sa",
-  "user.new-password": "Nové heslo",
-  "user.nickname": "Prezývka",
-  "user.set-password": "Nastaviť heslo",
-  "user.set-permissions": "Nastaviť oprávnenia pre {name}",
-  "user.switch-dark": "Prepnúť na tmavý režim",
-  "user.switch-light": "Prepnúť na svetlý režim",
-  "username": "Používateľské meno",
-  "users": "Používatelia"
-}

frontend/src/locale/lang/zh.json

@@ -1,216 +0,0 @@
-{
-  "access-list": "通信规则",
-  "access-list.access-count": "{count} 条规则",
-  "access-list.auth-count": "{count} 个用户",
-  "access-list.help-rules-last": "当至少存在1条规则时，此拒绝所有规则将被添加到最后",
-  "access-list.help.rules-order": " 允许 (allow) 和禁止 (deny) 规则将按照它们定义的顺序执行。",
-  "access-list.pass-auth": "将认证传递给上游",
-  "access-list.public": "公开可访问",
-  "access-list.public.subtitle": "无需基本认证",
-  "access-list.satisfy-any": "满足任意条件",
-  "access-list.subtitle": "{users} 个用户, {rules} 条规则 - 创建时间: {date}",
-  "access-lists": "通信规则",
-  "action.add": "添加",
-  "action.add-location": "添加路径规则(Location)",
-  "action.close": "关闭",
-  "action.delete": "删除",
-  "action.disable": "禁用",
-  "action.download": "下载",
-  "action.edit": "编辑",
-  "action.enable": "启用",
-  "action.permissions": "权限",
-  "action.renew": "续期",
-  "action.view-details": "查看详情",
-  "auditlogs": "审计日志",
-  "cancel": "取消",
-  "certificate": "证书",
-  "certificate.custom-certificate": "证书",
-  "certificate.custom-certificate-key": "证书密钥",
-  "certificate.custom-intermediate": "中间证书",
-  "certificate.in-use": "使用中",
-  "certificate.none.subtitle": "未分配证书",
-  "certificate.none.subtitle.for-http": "此主机将不使用 HTTPS",
-  "certificate.none.title": "无",
-  "certificate.not-in-use": "未使用",
-  "certificate.renew": "续期证书",
-  "certificates": "证书列表",
-  "certificates.custom": "自定义证书",
-  "certificates.custom.warning": "不支持受密码保护的密钥文件。",
-  "certificates.dns.credentials": "凭据文件内容",
-  "certificates.dns.credentials-note": "此插件需要一个包含 API 令牌或提供商其他凭证的配置文件",
-  "certificates.dns.credentials-warning": "此数据将以明文形式存储在数据库和文件中！",
-  "certificates.dns.propagation-seconds": "传播时间 (秒)",
-  "certificates.dns.propagation-seconds-note": "留空以使用插件默认值。等待DNS传播的秒数。",
-  "certificates.dns.provider": "DNS 提供商",
-  "certificates.dns.warning": "本节需要您具备一些关于 Certbot 及其 DNS 插件的知识，请参阅相应插件的官方文档。",
-  "certificates.http.reachability-404": "在此域名下找到了一个服务器，但它似乎不是 Nginx 代理管理器。请确保您的域名指向 NPM 实例运行的 IP 地址。",
-  "certificates.http.reachability-failed-to-check": "由于与site24x7.com通信错误，无法检查可达性。",
-  "certificates.http.reachability-not-resolved": "此域名下没有可用的服务器。请确保您的域名存在并指向NPM实例运行的 IP 地址，如有必要，请在路由器中转发 80 端口。",
-  "certificates.http.reachability-ok": "您的服务器可以访问，应该可以创建证书。",
-  "certificates.http.reachability-other": "在此域名下找到了一个服务器，但它返回了意外的状态码 {code}。它是 NPM 服务器吗？请确保您的域名指向NPM实例运行的 IP 地址。",
-  "certificates.http.reachability-wrong-data": "在此域名下找到了一个服务器，但它返回了意外的数据。它是 NPM 服务器吗？请确保您的域名指向 NPM 实例运行的 IP 地址。",
-  "certificates.http.test-results": "测试结果",
-  "certificates.http.warning": "这些域名必须配置为指向本设备。",
-  "certificates.request.subtitle": "使用 Let's Encrypt",
-  "certificates.request.title": "申请新证书",
-  "column.access": "访问",
-  "column.authorization": "授权",
-  "column.authorizations": "授权列表",
-  "column.custom-locations": "自定义路径规则 (Locations)",
-  "column.destination": "目标",
-  "column.details": "详情",
-  "column.email": "邮箱",
-  "column.event": "事件",
-  "column.expires": "过期时间",
-  "column.http-code": "访问",
-  "column.incoming-port": "入站端口",
-  "column.name": "名称",
-  "column.protocol": "协议",
-  "column.provider": "提供商",
-  "column.roles": "角色",
-  "column.rules": "规则",
-  "column.satisfy": "满足",
-  "column.satisfy-all": "全部",
-  "column.satisfy-any": "任意",
-  "column.scheme": "协议",
-  "column.source": "来源",
-  "column.ssl": "SSL",
-  "column.status": "状态",
-  "created-on": "创建时间: {date}",
-  "dashboard": "仪表板",
-  "dead-host": "错误页面",
-  "dead-hosts": "错误页面列表",
-  "dead-hosts.count": "{count} 个错误页面列表",
-  "disabled": "已禁用",
-  "domain-names": "域名",
-  "domain-names.max": "{count} 个最多域名数量",
-  "domain-names.placeholder": "开始输入以添加域名...",
-  "domain-names.wildcards-not-permitted": "此类型不允许使用通配符",
-  "domain-names.wildcards-not-supported": "此 CA 不支持通配符",
-  "domains.force-ssl": "强制 SSL",
-  "domains.hsts-enabled": "HSTS 已启用",
-  "domains.hsts-subdomains": "HSTS 子域名",
-  "domains.http2-support": "HTTP/2 支持",
-  "domains.use-dns": "使用DNS验证",
-  "email-address": "邮箱地址",
-  "empty-search": "未找到结果",
-  "empty-subtitle": "为什么不由您来创建一个呢？",
-  "enabled": "已启用",
-  "error.access.at-least-one": "需要至少一个授权或访问规则",
-  "error.access.duplicate-usernames": "授权用户名必须唯一",
-  "error.invalid-auth": "无效的邮箱或密码",
-  "error.invalid-domain": "无效的域名: {domain}",
-  "error.invalid-email": "无效的邮箱地址",
-  "error.max-character-length": "最大长度为 {max} 个字符",
-  "error.max-domains": "域名过多，最多为 {max} 个",
-  "error.maximum": "最大值为 {max}",
-  "error.min-character-length": "最小长度为 {min} 个字符",
-  "error.minimum": "最小值为 {min}",
-  "error.passwords-must-match": "密码必须匹配",
-  "error.required": "此项为必填项",
-  "expires.on": "过期时间: {date}",
-  "footer.github-fork": "在 Github 上复刻 (For) 本项目",
-  "host.flags.block-exploits": "阻止常见攻击",
-  "host.flags.cache-assets": "缓存资源",
-  "host.flags.preserve-path": "保留路径",
-  "host.flags.protocols": "协议",
-  "host.flags.websockets-upgrade": "Websockets 支持",
-  "host.forward-port": "转发端口",
-  "host.forward-scheme": "协议",
-  "hosts": "主机列表",
-  "http-only": "仅 HTTP",
-  "lets-encrypt": "Let's Encrypt",
-  "lets-encrypt-via-dns": "Let's Encrypt DNS 验证",
-  "lets-encrypt-via-http": "Let's Encrypt HTTP 验证",
-  "loading": "加载中···",
-  "login.title": "登录您的账户",
-  "nginx-config.label": "自定义 Nginx 配置",
-  "nginx-config.placeholder": "# 在此输入您的自定义 Nginx 配置，风险自负！",
-  "no-permission-error": "您无权查看此内容。",
-  "notfound.action": "返回首页",
-  "notfound.content": "很抱歉，您要查找的页面未找到",
-  "notfound.title": "糟糕...您刚刚找到了一个错误页面",
-  "notification.error": "错误",
-  "notification.object-deleted": "{object} 已被删除",
-  "notification.object-disabled": "{object} 已被禁用",
-  "notification.object-enabled": "{object} 已被启用",
-  "notification.object-renewed": "{object} 已续期",
-  "notification.object-saved": "{object} 已保存",
-  "notification.success": "成功",
-  "object.actions-title": "{object} #{id}",
-  "object.add": "添加 {object}",
-  "object.delete": "删除 {object}",
-  "object.delete.content": "您确定要删除 {object} 吗？",
-  "object.edit": "编辑 {object}",
-  "object.empty": "没有 {objects}",
-  "object.event.created": "已创建 {object}",
-  "object.event.deleted": "已删除 {object}",
-  "object.event.disabled": "已禁用 {object}",
-  "object.event.enabled": "已启用 {object}",
-  "object.event.renewed": "已续期 {object}",
-  "object.event.updated": "已更新 {object}",
-  "offline": "离线",
-  "online": "在线",
-  "options": "选项",
-  "password": "密码",
-  "password.generate": "生成随机密码",
-  "password.hide": "隐藏密码",
-  "password.show": "显示密码",
-  "permissions.hidden": "隐藏",
-  "permissions.manage": "管理",
-  "permissions.view": "仅查看",
-  "permissions.visibility.all": "所有项目",
-  "permissions.visibility.title": "项目可见性",
-  "permissions.visibility.user": "仅创建的项目",
-  "proxy-host": "代理服务",
-  "proxy-host.forward-host": "转发主机名 / IP",
-  "proxy-hosts": "代理服务列表",
-  "proxy-hosts.count": "{count} 个代理服务",
-  "public": "公开",
-  "redirection-host": "重定向主机",
-  "redirection-host.forward-domain": "转发域名",
-  "redirection-host.forward-http-code": "HTTP 状态码",
-  "redirection-hosts": "重定向主机列表",
-  "redirection-hosts.count": "{count} 个重定向主机",
-  "role.admin": "管理员",
-  "role.standard-user": "标准用户",
-  "save": "保存",
-  "setting": "设置",
-  "settings": "设置列表",
-  "settings.default-site": "默认站点",
-  "settings.default-site.404": "错误页面",
-  "settings.default-site.444": "无响应 (444)",
-  "settings.default-site.congratulations": "欢迎页面",
-  "settings.default-site.description": "当 Nginx 遇到未知主机时显示什么",
-  "settings.default-site.html": "自定义 HTML",
-  "settings.default-site.html.placeholder": "<!-- 在此输入您的自定义 HTML 内容 -->",
-  "settings.default-site.redirect": "重定向",
-  "setup.preamble": "通过创建您的管理员账户开始使用。",
-  "setup.title": "欢迎！",
-  "sign-in": "登录",
-  "ssl-certificate": "SSL 证书",
-  "stream": "端口转发",
-  "stream.forward-host": "转发主机",
-  "stream.incoming-port": "入站端口",
-  "streams": "端口转发列表",
-  "streams.count": "{count} 个端口转发",
-  "streams.tcp": "TCP",
-  "streams.udp": "UDP",
-  "test": "测试",
-  "user": "用户",
-  "user.change-password": "修改密码",
-  "user.confirm-password": "确认密码",
-  "user.current-password": "当前密码",
-  "user.edit-profile": "编辑资料",
-  "user.full-name": "全名",
-  "user.login-as": "登录用户 {name}",
-  "user.logout": "退出登录",
-  "user.new-password": "新密码",
-  "user.nickname": "昵称",
-  "user.set-password": "设置密码",
-  "user.set-permissions": "为用户 {name} 设置权限",
-  "user.switch-dark": "切换到深色模式",
-  "user.switch-light": "切换到浅色模式",
-  "username": "用户名",
-  "users": "用户列表"
-}

frontend/src/locale/scripts/locale-sort.sh

@@ -31,6 +31,6 @@ for file in *.json; do
 		fi
 
 		echo "Sorting $file"
-		jq --tab --sort-keys . "$file" | sponge "$file"
+		tmp=$(mktemp) && jq --tab --sort-keys . "$file" > "$tmp" && mv "$tmp" "$file"
 	fi
 done

frontend/src/locale/src/HelpDoc/bg/AccessLists.md

@@ -0,0 +1,7 @@
+## Какво представлява Списъкът за достъп?
+
+Списъците за достъп предоставят черен или бял списък от конкретни клиентски IP адреси, както и удостоверяване за Прокси хостове чрез базова HTTP автентикация.
+
+Можете да конфигурирате множество клиентски правила, потребителски имена и пароли в един Списък за достъп и след това да го приложите към един или повече _Прокси хостове_.
+
+Това е най-полезно при препращани уеб услуги, които нямат вградени механизми за удостоверяване, или когато искате да защитите достъпа от неизвестни клиенти.

frontend/src/locale/src/HelpDoc/bg/Certificates.md

@@ -0,0 +1,21 @@
+## Помощ за сертификати
+
+### HTTP сертификат
+
+HTTP валидираният сертификат означава, че сървърите на Let’s Encrypt ще се опитат да достигнат вашите домейни по HTTP (не по HTTPS!) и ако успеят, ще издадат сертификата.
+
+За този метод трябва да имате създаден _Прокси хост_ за вашия/вашите домейни, който да е достъпен по HTTP и да сочи към тази Nginx инсталация. След като бъде издаден сертификат, можете да промените _Прокси хоста_ така, че да използва сертификата и за HTTPS връзки. Въпреки това, _Прокси хостът_ трябва да остане конфигуриран за достъп по HTTP, за да може сертификатът да се подновява.
+
+Този процес _не_ поддържа wildcard домейни.
+
+### DNS сертификат
+
+DNS валидираният сертификат изисква използването на DNS Provider плъгин. Този DNS Provider ще бъде използван за временно създаване на записи във вашия домейн, след което Let’s Encrypt ще ги провери, за да се увери, че сте собственикът, и при успех ще издаде сертификата.
+
+Не е необходимо да имате _Прокси хост_, създаден предварително, за да заявите този тип сертификат. Нито е нужно вашият _Прокси хост_ да бъде конфигуриран за достъп по HTTP.
+
+Този процес _поддържа_ wildcard домейни.
+
+### Персонализиран сертификат
+
+Използвайте тази опция, за да качите собствен SSL сертификат, предоставен от ваша сертификатна агенция.

frontend/src/locale/src/HelpDoc/bg/DeadHosts.md

@@ -0,0 +1,10 @@
+## Какво представлява 404 хост?
+
+404 хост е просто конфигурация на хост, който показва страница с грешка 404.
+
+Това може да е полезно, когато вашият домейн е индексиран в търсачките и искате
+да предоставите по-приятна страница за грешка или да уведомите индексиращите системи,
+че страниците на домейна вече не съществуват.
+
+Допълнително предимство на този хост е възможността да проследявате логовете на заявките
+към него и да виждате реферерите.

frontend/src/locale/src/HelpDoc/bg/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Какво представлява Прокси хост?
+
+Прокси хост е входна точка за уеб услуга, която искате да препращате.
+
+Той предоставя възможност за SSL терминaция на услуга, която може да няма вградена поддръжка на SSL.
+
+Прокси хостовете са най-често използваната функция в Nginx Proxy Manager.

frontend/src/locale/src/HelpDoc/bg/RedirectionHosts.md

@@ -0,0 +1,7 @@
+## Какво представлява Хост за пренасочване?
+
+Хостът за пренасочване пренасочва заявките от входящия домейн и прехвърля
+потребителя към друг домейн.
+
+Най-честата причина за използване на този тип хост е, когато вашият уебсайт
+промени домейна си, но все още има линкове от търсачки или реферери, които сочат към стария домейн.

frontend/src/locale/src/HelpDoc/bg/Streams.md

@@ -0,0 +1,6 @@
+## Какво представлява Потокът (Stream)?
+
+Относително нова функция за Nginx, Потокът позволява препращане на TCP/UDP
+трафик директно към друг компютър в мрежата.
+
+Това е полезно, ако хоствате игрови сървъри, FTP или SSH сървъри.

frontend/src/locale/src/HelpDoc/bg/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/HelpDoc/ga/AccessLists.md

@@ -0,0 +1,7 @@
+## Cad is Liosta Rochtana ann?
+
+Soláthraíonn Liostaí Rochtana liosta dubh nó liosta bán de sheoltaí IP cliant ar leith mar aon le fíordheimhniú do na hÓstaigh Seachfhreastalaí trí Fhíordheimhniú Bunúsach HTTP.
+
+Is féidir leat rialacha cliant, ainmneacha úsáideora agus pasfhocail iolracha a chumrú le haghaidh Liosta Rochtana aonair agus ansin iad sin a chur i bhfeidhm ar _Óstach Seachfhreastalaí_ amháin nó níos mó.
+
+Tá sé seo an-úsáideach i gcás seirbhísí gréasáin atreoraithe nach bhfuil meicníochtaí fíordheimhnithe ionsuite iontu nó nuair is mian leat cosaint a dhéanamh ar chliaint anaithnide.

frontend/src/locale/src/HelpDoc/ga/Certificates.md

@@ -0,0 +1,21 @@
+## Cabhair le Deimhnithe
+
+### Teastas HTTP
+
+Ciallaíonn deimhniú bailíochtaithe HTTP go ndéanfaidh freastalaithe Let's Encrypt iarracht teacht ar do fhearainn thar HTTP (ní HTTPS!) agus má éiríonn leo, eiseoidh siad do theastas.
+
+Chun an modh seo a dhéanamh, beidh ort _Óstach Proxy_ a chruthú do do fhearainn(eanna) atá inrochtana le HTTP agus ag pointeáil chuig an suiteáil Nginx seo. Tar éis deimhniú a thabhairt, is féidir leat an _Óstach Proxy_ a mhodhnú chun an deimhniú seo a úsáid le haghaidh naisc HTTPS freisin. Mar sin féin, beidh ort an _Óstach Proxy_ a chumrú fós le haghaidh rochtain HTTP chun go ndéanfar an deimhniú a athnuachan.
+
+_Ní thacaíonn_ an próiseas seo le fearainn fiáine.
+
+### Teastas DNS
+
+Éilíonn deimhniú bailíochtaithe DNS ort breiseán Soláthraí DNS a úsáid. Úsáidfear an Soláthraí DNS seo chun taifid shealadacha a chruthú ar do fhearann agus ansin déanfaidh Let's Encrypt fiosrúchán ar na taifid sin lena chinntiú gurb tusa an t-úinéir agus má éiríonn leo, eiseoidh siad do theastas.	
+
+Ní gá duit _Óstach Proxy_ a chruthú sula n-iarrann tú an cineál seo teastais. Ní gá duit do _Óstach Proxy_ a chumrú le haghaidh rochtana HTTP ach an oiread.
+
+_Tacaíonn_ an próiseas seo le fearainn fiáine.
+
+### Teastas Saincheaptha
+
+Úsáid an rogha seo chun do Theastas SSL féin a uaslódáil, mar a sholáthraíonn d'Údarás Deimhnithe féin é.

frontend/src/locale/src/HelpDoc/ga/DeadHosts.md

@@ -0,0 +1,7 @@
+## Cad is Óstach 404 ann?
+
+Is socrú óstach a thaispeánann leathanach 404 é Óstach 404.
+
+Is féidir leis seo a bheith úsáideach nuair a bhíonn do fhearann liostaithe in innill chuardaigh agus más mian leat leathanach earráide níos deise a sholáthar nó a chur in iúl do na hinnéacsóirí cuardaigh go sonrach nach bhfuil na leathanaigh fearainn ann a thuilleadh.
+
+Buntáiste eile a bhaineann leis an óstach seo a bheith agat ná go bhfeictear na logaí le haghaidh amas agus go bhfeictear na tagairtí.

frontend/src/locale/src/HelpDoc/ga/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Cad is Óstach Seachfhreastalaí ann?
+
+Is é Óstach Seachfhreastalaí an críochphointe isteach do sheirbhís ghréasáin ar mhaith leat a atreorú.
+
+Soláthraíonn sé foirceannadh SSL roghnach do do sheirbhís nach bhfuil tacaíocht SSL ionsuite inti b'fhéidir.
+
+Is iad Óstaigh Seachfhreastalaí an úsáid is coitianta a bhaintear as Bainisteoir Seachfhreastalaí Nginx.

frontend/src/locale/src/HelpDoc/ga/RedirectionHosts.md

@@ -0,0 +1,5 @@
+## Cad is Óstach Athsheolta ann?
+
+Déanfaidh Óstach Athsheolta iarratais a atreorú ón bhfearann ag teacht isteach agus an breathnóir a bhrú chuig fearann eile.
+
+Is é an chúis is coitianta le húsáid a bhaint as an gcineál seo óstála ná nuair a athraíonn do shuíomh Gréasáin fearainn ach go bhfuil naisc innill chuardaigh nó atreoraithe agat fós ag tagairt don seanfhearann.

frontend/src/locale/src/HelpDoc/ga/Streams.md

@@ -0,0 +1,5 @@
+## Cad is Sruth ann?
+
+Gné réasúnta nua do Nginx is ea Sruth a sheolfaidh trácht TCP/UDP go díreach chuig ríomhaire eile ar an líonra.
+
+Más freastalaithe cluichí, freastalaithe FTP nó SSH atá á rith agat, d’fhéadfadh sé seo a bheith úsáideach.

frontend/src/locale/src/HelpDoc/ga/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/HelpDoc/id/AccessLists.md

@@ -0,0 +1,7 @@
+## Apa itu Daftar Akses?
+
+Daftar Akses menyediakan daftar hitam atau daftar putih alamat IP klien tertentu beserta autentikasi untuk Host Proxy melalui Autentikasi HTTP Basic.
+
+Anda dapat mengonfigurasi beberapa aturan klien, nama pengguna, dan kata sandi untuk satu Daftar Akses lalu menerapkannya ke satu atau lebih _Host Proxy_.
+
+Ini paling berguna untuk layanan web yang diteruskan yang tidak memiliki mekanisme autentikasi bawaan atau ketika Anda ingin melindungi dari klien yang tidak dikenal.

frontend/src/locale/src/HelpDoc/id/Certificates.md

@@ -0,0 +1,32 @@
+## Bantuan Sertifikat
+
+### Sertifikat HTTP
+
+Sertifikat yang divalidasi HTTP berarti server Let's Encrypt akan
+mencoba menjangkau domain Anda melalui HTTP (bukan HTTPS!) dan jika berhasil, mereka
+akan menerbitkan sertifikat Anda.
+
+Untuk metode ini, Anda harus membuat _Host Proxy_ untuk domain Anda yang
+dapat diakses dengan HTTP dan mengarah ke instalasi Nginx ini. Setelah sertifikat
+diberikan, Anda dapat mengubah _Host Proxy_ agar juga menggunakan sertifikat ini untuk HTTPS
+koneksi. Namun, _Host Proxy_ tetap perlu dikonfigurasi untuk akses HTTP
+agar sertifikat dapat diperpanjang.
+
+Proses ini _tidak_ mendukung domain wildcard.
+
+### Sertifikat DNS
+
+Sertifikat yang divalidasi DNS mengharuskan Anda menggunakan plugin Penyedia DNS. Penyedia DNS ini
+akan digunakan untuk membuat record sementara pada domain Anda dan kemudian Let's
+Encrypt akan menanyakan record tersebut untuk memastikan Anda pemiliknya dan jika berhasil, mereka
+akan menerbitkan sertifikat Anda.
+
+Anda tidak perlu membuat _Host Proxy_ sebelum meminta jenis sertifikat ini.
+Anda juga tidak perlu mengonfigurasi _Host Proxy_ untuk akses HTTP.
+
+Proses ini _mendukung_ domain wildcard.
+
+### Sertifikat Kustom
+
+Gunakan opsi ini untuk mengunggah Sertifikat SSL Anda sendiri, sebagaimana disediakan oleh
+Certificate Authority Anda.

frontend/src/locale/src/HelpDoc/id/DeadHosts.md

@@ -0,0 +1,10 @@
+## Apa itu Host 404?
+
+Host 404 adalah konfigurasi host yang menampilkan halaman 404.
+
+Ini dapat berguna ketika domain Anda terindeks di mesin pencari dan Anda ingin
+menyediakan halaman error yang lebih baik atau secara khusus memberi tahu pengindeks pencarian bahwa
+halaman domain tersebut sudah tidak ada.
+
+Manfaat lain memiliki host ini adalah melacak log untuk akses ke host tersebut dan
+melihat perujuk.

frontend/src/locale/src/HelpDoc/id/ProxyHosts.md

@@ -0,0 +1,7 @@
+## Apa itu Host Proxy?
+
+Host Proxy adalah endpoint masuk untuk layanan web yang ingin Anda teruskan.
+
+Host ini menyediakan terminasi SSL opsional untuk layanan Anda yang mungkin tidak memiliki dukungan SSL bawaan.
+
+Host Proxy adalah penggunaan paling umum untuk Nginx Proxy Manager.

frontend/src/locale/src/HelpDoc/id/RedirectionHosts.md

@@ -0,0 +1,5 @@
+## Apa itu Host Pengalihan?
+
+Host Pengalihan akan mengalihkan permintaan dari domain masuk dan mengarahkan pengunjung ke domain lain.
+
+Alasan paling umum menggunakan jenis host ini adalah ketika situs Anda berpindah domain tetapi masih ada tautan mesin pencari atau perujuk yang mengarah ke domain lama.

frontend/src/locale/src/HelpDoc/id/Streams.md

@@ -0,0 +1,6 @@
+## Apa itu Stream?
+
+Fitur yang relatif baru untuk Nginx, Stream berfungsi untuk meneruskan trafik TCP/UDP
+langsung ke komputer lain di jaringan.
+
+Jika Anda menjalankan server game, FTP, atau SSH, ini bisa sangat membantu.

frontend/src/locale/src/HelpDoc/id/index.ts

@@ -0,0 +1,6 @@
+export * as AccessLists from "./AccessLists.md";
+export * as Certificates from "./Certificates.md";
+export * as DeadHosts from "./DeadHosts.md";
+export * as ProxyHosts from "./ProxyHosts.md";
+export * as RedirectionHosts from "./RedirectionHosts.md";
+export * as Streams from "./Streams.md";

frontend/src/locale/src/HelpDoc/index.ts

@@ -1,20 +1,34 @@
 import * as de from "./de/index";
 import * as en from "./en/index";
+import * as ga from './ga/index'
+import * as id from "./id/index";
+import * as it from "./it/index";
 import * as ja from "./ja/index";
-import * as sk from "./sk/index";
-import * as zh from "./zh/index";
+import * as nl from "./nl/index";
 import * as pl from "./pl/index";
+import * as ru from "./ru/index";
+import * as sk from "./sk/index";
+import * as vi from "./vi/index";
+import * as zh from "./zh/index";
+import * as ko from "./ko/index";
+import * as bg from "./bg/index";
 
-const items: any = { en, de, ja, sk, zh, pl };
+const items: any = { en, de, ja, sk, zh, pl, ru, it, vi, nl, bg, ko, ga, id }
 
 const fallbackLang = "en";
 
 export const getHelpFile = (lang: string, section: string): string => {
-	if (typeof items[lang] !== "undefined" && typeof items[lang][section] !== "undefined") {
+	if (
+		typeof items[lang] !== "undefined" &&
+		typeof items[lang][section] !== "undefined"
+	) {
 		return items[lang][section].default;
 	}
 	// Fallback to English
-	if (typeof items[fallbackLang] !== "undefined" && typeof items[fallbackLang][section] !== "undefined") {
+	if (
+		typeof items[fallbackLang] !== "undefined" &&
+		typeof items[fallbackLang][section] !== "undefined"
+	) {
 		return items[fallbackLang][section].default;
 	}
 	throw new Error(`Cannot load help doc for ${lang}-${section}`);

frontend/src/locale/src/HelpDoc/it/AccessLists.md

@@ -0,0 +1,7 @@
+## Che cos'è una Lista di Accesso?
+
+La Lista di Accesso fornisce una blacklist o una whitelist di indirizzi IP specifici dei client insieme all'autenticazione per gli host proxy tramite autenticazione HTTP di base.
+
+È possibile configurare più regole client, nomi utente e password per un singolo lista di accesso e quindi applicarlo a uno o più host proxy.
+
+Ciò è particolarmente utile per i servizi web inoltrati che non dispongono di meccanismi di autenticazione integrati o quando si desidera proteggersi da client sconosciuti.

frontend/src/locale/src/HelpDoc/it/Certificates.md

@@ -0,0 +1,24 @@
+## Guida sui Certificati
+
+### Certificato HTTP
+
+Un certificato convalidato HTTP significa che i server Let's Encrypttenteranno di raggiungere i tuoi domini tramite HTTP (non HTTPS!) e, in caso di esito positivo, emetteranno il tuo certificato.
+
+Per questo metodo, dovrai creare un _Proxy Host_ per i tuoi domini chesia accessibile con HTTP e che punti a questa installazione Nginx.
+Dopo che il certificato è stato rilasciato, puoi modificare il _Proxy Host_ per utilizzare questo certificato anche per le connessioni HTTPS.
+Tuttavia, il _Proxy Host_ dovrà comunque essere configurato per l'accesso HTTP affinché il certificato possa essere rinnovato.
+
+Questo processo _non_ supporta i domini wildcard.
+
+### Certificato DNS
+
+Un certificato convalidato dal DNS richiede l'uso di un plugin DNS Provider. Questo DNS Provider verrà utilizzato per creare record temporanei sul tuo dominio,
+quindi Let's Encrypt interrogherà tali record per assicurarsi che tu sia il proprietario e, in caso di esito positivo,rilascerà il tuo certificato.
+
+Non è necessario creare un _Proxy Host_ prima di richiedere questo tipo di certificato. Non è nemmeno necessario configurare il tuo _proxy host_ per l'accesso HTTP.
+
+Questo processo _supporta_ i domini wildcard.
+
+### Certificato personalizzato
+
+Utilizza questa opzione per caricare il tuo certificato SSL, fornito dalla tua autorità di certificazione.